User Portal Configuration

From idenprotect Knowledge Base
Revision as of 16:05, 20 April 2020 by GrahamSant (talk | contribs) (Created page with "Category:Configuration Category:Step_By_Step Category:IDENprotect_User_Portal __TOC__ If you have not made any configuration changes yet, please see '''How to m...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

If you have not made any configuration changes yet, please see How to make configuration changes

Introduction

By default, the iDENprotect User Portal is configured to work with the iDENprotectserver and iDENprotect Identity Provider all installed on the same server.

This article discusses the configuration of the iDENprotect User Portal and is primarily focussed on how it communicates with the iDENprotectserver. Note that changes made to this configuration will require the iDENprotect User Portal to be restarted in order to pick up the new changes.


User Portal Configuration

These settings are configured under: -

  • Server file system in /etc/idenprotect/userportal/userportal.properties
User Portal Configuration
Parameter in Properties File Description
target.domain The target base URL where the User Portal will direct traffic. Defaulted to http://localhost:8081
target.username The username used to communicate with the target
target.password The password used to communicate with the target
target.enforceSSL Whether or not the target enforces SSL. Defaulted to false
target.ssl.protocol The SSL protocol to use when communicating with the target. Defaulted to TLSv1.2
target.devices_backend_sync 1000


API Configuration

The following list of API properties are also present in the userportal.properties file. These properties, when concatenated with the target.domain are used to direct the traffic from the User Portal to the iDENprotectserver. In general, these should not be modified unless you have third party software which is further redirecting traffic onwards to these APIs.

  • target.enrolment_initiate_endpoint=/api/enrollment/initiate
  • target.server.certificate.details_endpoint=/api/certificate/server/details
  • target.enrolment_identification_endpoint=/api/enrollment/identification
  • target.enrolment_completion_endpoint=/api/enrollment/completion
  • target.enrolment_email_endpoint=/api/user/registerEmail
  • target.enrolment_session_endpoint=/api/user/enrollment/session/
  • target.enrolment_create_session_by_attribute_endpoint=/api/user/createSessionByAttribute/
  • target.enrolment_endpoint=/api/user/enroll
  • target.enrolment_extra_cert_endpoint=/api/signedenrollment/extraCert/{tag}
  • target.enrolment_unsigned_extra_cert_endpoint=/api/enrollment/extraCert/
  • target.register_device_endpoint=/api/devices/register1
  • target.authentication.session=/api/authentication/session
  • target.authentication.device.session=/api/authentication/session/device
  • target.authentication.certify=/api/authentication/certify
  • target.devices=/api/devices
  • target.devices_time_sync=/api/time/sync
  • target.user.password.reset=/api/ldap/passwordReset
  • target.enrolment.policies=/api/userpolicies/policies
  • target.device.pin.reset=/api/pin/reset/
  • target.devices.remove=/api/device/remove
  • target.devices.list=/api/devices/list
  • target.devices.addP12=/api/good/devices/{serialNumber}/certificates/{tag}