Contents

Popular
Contents

Icon

Gluu Server 4.2 for CentOS 7 operating system is used for this example.

Installation

Run the following commands to install:

After installation, the Gluu-server package needs to be excluded from automatic updates using the following command:

  • yum versionlock gluu-server

The Gluu Server is a chroot container, which must be started to proceed. Run the following commands to start the server and login:

  • /sbin/gluu-serverd enable
  • /sbin/gluu-serverd start
  • /sbin/gluu-serverd login

Configuration

Configuration is completed by running the setup script from inside the chroot container. This generates certificates, salt values, and renders configuration files. Run the script with the following commands:

  • cd /install/community-edition-setup
  • ./setup.py

Icon
  1. Add the configured hostname (fioiam.gluu.org) in /etc/hosts.
  2. Make sure that the identity service and oxauth service are running. Check the status using these commands:

  3. Make sure that the httpd service is running inside the chroot container.


  4. If the httpd service is not running/inactive, stop the default active httpd outside the chroot and then start httpd within chroot gluu container.

  5. While trying to access the home page of the dashboard – ({+}https://fioiam.gluu.org/identity/+), in case of:
    1. 502 gateway error, check jetty logs (oxauth and identity).
    2. out-of-memory errors, increase the -Xms and -Xmx parameters that set the lowest and highest size of the JVM heap; go to /etc/default/ to check the config files.

Endpoints

Discovery endpoint

https://fioiam.gluu.org/.well-known/openid-configuration

Authorization Code endpoint

GET http://fioiam.gluu.org/oxauth/restv1/authorize

  • Query params: response_type("code") , redirect_uri, client_id
  • Response: authorization code received as query param in redirect_url

Authorization Token endpoint

POST https://fioiam.gluu.org/oxauth/restv1/token

  • Basic Auth (client id + c;ient secret) ~ Authorization Header required
  • Body- x-www-urlencoded params: code, grant_type, redirect_uri
Sample response:

Token Introspection endpoint

POST https://fioiam.gluu.org/oxauth/restv1/introspection

  • Basic Auth (client id + client secret) ~ Authorization Header required
  • Header: Content-Type: application/x-www-form-urlencoded
  • Body: x-www-urlencoded params: token(required), response_as_jwt(optional)
Sample response:
Adaptavist ThemeBuilder EngineAtlassian Confluence