- On the Home page, click Security > API > Authorization Servers > Add Authorization Server.
- Type the Name, Audience, and Description, and then click Save.

| Setting | Example | Description |
|---|---|---|
| Name | SMAT Web API | The name of the authorization server |
| Audience | 71FC520E-78DA-4EA7-96C1-164EA13FD5DO | This is a GUID generated using the GUID website http://new-guid.com. The GUID must be in upper case. You must keep a record of the generated GUID as it is used as part of the authorization server. |
| Description | Smart Materials Web API | The description of the authorization server |

Set server custom scopes
This procedure allows you to set up the server custom scopes after the authorization server is created.
- On the Home page, click Authorization Servers.
- Select the authorization server that you just created, for example SMAT Web API.
- Select the Scopes tab, and then click Add Scope.
  In Name, enter the GUID (the Audience value from the steps above).
  In Default scope, don't select Set as a default scope.

Set server custom claims
- On the Home page, click Authorization Servers.
- Select the authorization server that you just created, for example SMAT Web API.
- Select the Claims tab, and then click Add Claims.
- In Add Claims, set the claims as shown in the following example.

| Name | Value | Scopes | Type | Included |
|---|---|---|---|---|
| sub | (appuser != null) ? appuser.userName : app.clientId | Any | access | Always |
| email | appuser.email | Any | access | Always |

- Click Create.

Set the server access policy
- On the Home page, click Authorization Servers.
- Select the authorization server that you just created, for example SMAT Web API.
- Select the Access Policies tab, and then click Add Policy.
- Type the Name and Description.
- Select The following clients, and then type the required client name (the application name created earlier).
- Click Create Policy.

Set the server rule
- On the Home page, click Authorization Servers.
- Select the authorization server that you just created, for example SMAT Web API.
- Select the Access Policies tab, and then click Add Rule.
  Rules allow you to configure the token expiration based on the selected Grant Type, User, and Scope.
- Provide all the required fields, and then click Create Rule.
- Click the Settings tab and make a note of the Audience and Issuer information. This information is required to configure the Smart Materials Web API.
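
To confirm that a token issued by this authorization server carries what the steps above configure, the following added example (not part of the product documentation) checks the Audience, Issuer, custom scope, and the sub and email claims of an access token payload. It only inspects claims and does not verify the signature, which the API's JWT library must do. The Issuer value is a placeholder, and the scp and cid claim names are assumed to be the ones Okta places in its access tokens.

```python
import base64
import json

# Assumptions: AUDIENCE is this page's example GUID; ISSUER is a placeholder
# for the value on your server's Settings tab; scp and cid are assumed to be
# the scope and client ID claim names in the access token.
AUDIENCE = "71FC520E-78DA-4EA7-96C1-164EA13FD5DO"
ISSUER = "https://example.okta.com/oauth2/PLACEHOLDER"


def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def sample_token(claims):
    """Build a constructed JWT-shaped string with a dummy signature."""
    header = b64url(json.dumps({"alg": "RS256", "typ": "JWT"}).encode())
    return f"{header}.{b64url(json.dumps(claims).encode())}.sig"


def decode_payload(token):
    """Return the claims of a JWT without verifying its signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part JWT")
    body = parts[1] + "=" * (-len(parts[1]) % 4)
    return json.loads(base64.urlsafe_b64decode(body))


def check_claims(claims, audience=AUDIENCE, issuer=ISSUER):
    """List every way the claims differ from the configuration on this page."""
    problems = []
    if claims.get("iss") != issuer:
        problems.append("iss differs from the Issuer")
    aud = claims.get("aud")
    if aud != audience:
        # The comparison is exact, so a lower-case GUID is a mismatch.
        case_only = isinstance(aud, str) and aud.upper() == audience
        problems.append("aud differs only in case" if case_only
                        else "aud differs from the Audience")
    if audience not in claims.get("scp", []):
        problems.append("scope named after the Audience GUID is missing")
    if not claims.get("sub"):
        problems.append("sub is empty")
    # sub falls back to app.clientId (assumed equal to cid) when there is no
    # user; any other token is a user token and should carry appuser.email.
    if claims.get("sub") != claims.get("cid") and not claims.get("email"):
        problems.append("user token has no email claim")
    return problems
```

An empty list from check_claims means the payload matches the configuration; each string in a non-empty list names one setting to revisit in the authorization server.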