Enabling OAuth in Address Manager - BlueCat Integrity - 9.4.0

Address Manager Administration Guide

Locale
English
Product name
BlueCat Integrity
Version
9.4.0

Enabling OAuth secures the Address Manager API through the use of access tokens issued by the authorization server. An access token represents the authorization of an API client to access the Address Manager API. Once you enable OAuth in Address Manager, you must also enable OAuth on the API client. For example, if you are using BlueCat Gateway, you must update its workflows and endpoints to use OAuth for access to the Address Manager API. Automated scripts must also be updated to use OAuth.

Before you Begin

To enable OAuth, you need the following:
  • Address Manager v9.2.0 or greater
  • Open port 443 in Address Manager and the authorization server
  • Address Manager can access the authorization server either on premises or cloud
  • Register Address Manager as a resource server in the authorization server
  • Register Address Manager as a client in the authorization server (OneLogin only)

What Address Manager needs from your Authorization Server

To enable OAuth authorization, you need the following from your authorization server:
  • user claim name
  • group claim name
  • email claim name
  • client ID
  • client secret
  • introspection endpoint

    OR

  • XML file or URL to obtain the signing certificate. For more information, refer to the following: