To use Smart API Manager as your authentication server, you make changes to the configuration files on both the application server and the Web Client server.
Application Server Configuration
The web.config file in the application server directory needs to be modified to include the settings from your Smart API.
<oauth issuer="https://[SAM_SERVER]/oauth" requiredScopes="ingr.api" />
<cors allowedOrigins="[ALLOWED_ORIGINS]" allowedMethods="*" allowedHeaders="*" exposedHeaders="" allowCredentials="true" preflightMaxAge="600" />
<service prefix="api" id="[SAM_API_ID]" secret="[SAM_API_SECRET]" instance="" />
The placeholders in the code snippet are defined below:
SAM_SERVER - Name of the Smart API Manager server
ALLOWED_ORIGINS - List of domains (with transport protocol) that are allowed to access this resource
SAM_API_ID - Smart API ID associated with this resource
SAM_API_SECRET - Smart API secret generated for this Smart API
Web Client Configuration
The Web Client settings.js file needs to be modified to include the following settings:
authorization.url - URL of the Smart API Manager OAuth end-point
authorization.clientId - Smart Client ID, created in SAM, associated with this resource
authorization.identityProvider - Can be set to a specific Identity Provider ID