This guide explains how to enable IAM Introspect API in Haventec Connect Application and configure the IAM Introspect properties. Once these are configured, the user will be able to invoke the Authenticate Intropsect APIs.
Prerequisites
- Setup Console, Authenticate, OIDC LP, and Haventec IAM
- Configure Haventec IAM with the client and users
Content
- Login To Haventec Console as an Organisation Admin
- Navigate to the application details page
- Go to the bottom of the page to the ' Enable introspect IAM API ' check box and click on it to enable the properties and fill those individually as given in the below description
Please follow the below steps to fill each property in the above image
- IAM introspect URI: corresponds to the URL in the curl command in step 4. Send a call to the IAM introspect URI using the JWT in this Configure Haventec IAM with the client and users link.
https://iam.demo.haventec.com/auth/realms/crm/protocol/openid-connect/token/introspect
Note: The fields highlighted in dark blue above will need to be changed according to your IAM configuration.
- Client ID: corresponds to the ' Client ID ' in step 2. Create an IAM client in this Configure Haventec IAM with the client and users link.
- Client Secret: corresponds to value passed against ' client_secret ' in curl command mentioned in step 3. The user sends a HTTP request to the IAM to log in and get a JWT in this Configure Haventec IAM with the client and users link.
- Role JSON path and Allowed role: please copy the value as it is on the image which is ' /resource_access/account/roles ' and ' manage-account ' respectively.
The fields will be saved as you edit and click on the blue tick as shown in the below image.
Now you are ready to use Authenticate Introspect APIs.
Comments
0 comments
Please sign in to leave a comment.