Components that need to be configured
Create an application.yaml file under /deployments/config/ inside the Docker container running the uid-server. The following 3 components must be configured:
- Database connection details.
- TLS settings for connecting client applications.
- A SCIM resource.
Database connection details
Create a datasource block in application.yaml containing the db-kind, the jdbc url and the username/password.

datasource:
  db-kind: "postgresql"
  jdbc:
    url: "jdbc:postgresql://localhost:5432/postgres"
    max-size: 16
  username: "postgres"
  password: "password"

TLS settings
Set the port, the server key store and the server trust store.

http:
  ssl-port: '7644'
  ssl:
    client-auth: "required"
    certificate:
      key-store-file: server.keystore
      key-store-password: "password"
      trust-store-file: server.truststore
      trust-store-password: "password"

SCIM resource
Add a SCIM resource:

resources: [
  {
    id: "User",
    name: "User",
    description: "Core User Resource",
    endpoint: "Users",
    schema: "urn:ietf:params:scim:schemas:universalid:User",
    schemaExtensions: [
      {
        schema: "urn:ietf:params:scim:schemas:universalid:extension:device:User",
        required: false
      }
    ]
  }
]

Now add the definitions for the above schemas:

schemas: [
  {
    id: "urn:ietf:params:scim:schemas:core:2.0:User",
    name: "User",
    description: "Minimal User Schema",
    attributes: [
      {
        name: "userName",
        type: "string",
        multiValued: false,
        description: "Username",
        required: true,
        caseExact: false,
        mutability: "readWrite",
        returned: "default",
        uniqueness: "server"
      },
      {
        name: "name",
        type: "complex",
        multiValued: false,
        description: "User full name",
        required: true,
        subAttributes: [
          {
            name: "givenName",
            type: "string",
            multiValued: false,
            description: "The given name of the User",
            required: false,
            caseExact: false,
            mutability: "readWrite",
            returned: "default",
            uniqueness: "none"
          },
          {
            name: "familyName",
            type: "string",
            multiValued: false,
            description: "The family name of the User, or last name.",
            required: false,
            caseExact: false,
            mutability: "readWrite",
            returned: "default",
            uniqueness: "none"
          }
        ],
        caseExact: false,
        mutability: "readWrite",
        returned: "default",
        uniqueness: "none"
      },
      {
        name: "active",
        type: "boolean",
        multiValued: false,
        description: "A Boolean value indicating the User's administrative status.",
        required: false,
        caseExact: false,
        mutability: "readWrite",
        returned: "default",
        uniqueness: "none"
      },
      {
        name: "password",
        type: "string",
        multiValued: false,
        description: "The User's password.",
        required: false,
        caseExact: true,
        mutability: "writeOnly",
        returned: "never",
        uniqueness: "none"
      },
      {
        name: "emails",
        type: "complex",
        multiValued: true,
        description: "Email addresses for the user.",
        required: false,
        subAttributes: [
          {
            name: "value",
            type: "string",
            multiValued: false,
            description: "Email address value.",
            required: true,
            caseExact: false,
            mutability: "readWrite",
            returned: "default",
            uniqueness: "none"
          },
          {
            name: "primary",
            type: "boolean",
            multiValued: false,
            description: "A Boolean value indicating the 'primary' or preferred attribute value. The primary attribute value 'true' MUST appear no more than once.",
            required: false,
            caseExact: false,
            mutability: "readWrite",
            returned: "default",
            uniqueness: "none"
          }
        ],
        caseExact: false,
        mutability: "readWrite",
        returned: "default",
        uniqueness: "none"
      },
      {
        name: "phoneNumbers",
        type: "complex",
        multiValued: true,
        description: "Phone numbers for the User.",
        required: false,
        subAttributes: [
          {
            name: "value",
            type: "string",
            multiValued: false,
            description: "Phone number of the User.",
            required: false,
            caseExact: false,
            mutability: "readWrite",
            returned: "default",
            uniqueness: "none"
          },
          {
            name: "primary",
            type: "boolean",
            multiValued: false,
            description: "A Boolean value indicating the 'primary' or preferred attribute value. The primary attribute value 'true' MUST appear no more than once.",
            required: false,
            caseExact: false,
            mutability: "readWrite",
            returned: "default",
            uniqueness: "none"
          }
        ],
        caseExact: false,
        mutability: "readWrite",
        returned: "default",
        uniqueness: "none"
      }
    ]
  },
  {
    id: "urn:ietf:params:scim:schemas:universalid:extension:device:User",
    name: "Device",
    description: "User Device Extension",
    attributes: [
      {
        name: "deviceName",
        type: "string",
        multiValued: false,
        description: "Device name",
        required: false,
        caseExact: false,
        mutability: "readWrite",
        returned: "default",
        uniqueness: "none"
      }
    ]
  }
]

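
A pre-start check of the three configured components, as an added example that is not part of the original page or of the uid-server project. It takes the configuration already parsed into a dict and reports resource schema URNs with no matching schemas entry, a client-auth value other than required, database or store passwords left at sample values, and a password attribute that is not write-only. The function names, the PLACEHOLDERS list and the exact-match rule for schema ids are assumptions.

```python
# Added example (not uid-server code): audit a parsed application.yaml dict.
PLACEHOLDERS = {"", "password", "changeit"}  # assumed list of sample/default values
def undefined_schemas(cfg):
    """Schema URNs referenced by resources but absent from 'schemas' (exact match assumed)."""
    defined = {s["id"] for s in cfg.get("schemas", [])}
    missing = []
    for res in cfg.get("resources", []):
        refs = [res["schema"]] + [e["schema"] for e in res.get("schemaExtensions", [])]
        missing += [urn for urn in refs if urn not in defined]
    return missing

def audit(cfg):
    """Return a list of findings; an empty list means every check passed."""
    findings = [f"schema not defined: {u}" for u in undefined_schemas(cfg)]
    ssl = cfg.get("http", {}).get("ssl", {})
    if ssl.get("client-auth") != "required":  # mutual TLS must stay enforced
        findings.append("http.ssl.client-auth is not 'required'")
    cert = ssl.get("certificate", {})
    secrets = {
        "datasource.password": cfg.get("datasource", {}).get("password"),
        "key-store-password": cert.get("key-store-password"),
        "trust-store-password": cert.get("trust-store-password"),
    }
    findings += [f"missing or sample secret: {k}" for k, v in secrets.items()
                 if v is None or v in PLACEHOLDERS]
    for schema in cfg.get("schemas", []):
        for attr in schema.get("attributes", []):
            hidden = attr.get("mutability") == "writeOnly" and attr.get("returned") == "never"
            if attr.get("name") == "password" and not hidden:
                findings.append(f"password attribute readable in {schema['id']}")
    return findings

# Constructed sample: a trimmed copy of this page's values, as a YAML parser would load them.
SAMPLE = {
    "datasource": {"password": "password"},
    "http": {"ssl": {"client-auth": "required", "certificate": {
        "key-store-password": "password", "trust-store-password": "password"}}},
    "resources": [{
        "id": "User", "schema": "urn:ietf:params:scim:schemas:universalid:User",
        "schemaExtensions": [
            {"schema": "urn:ietf:params:scim:schemas:universalid:extension:device:User"}]}],
    "schemas": [
        {"id": "urn:ietf:params:scim:schemas:core:2.0:User", "attributes": [
            {"name": "password", "mutability": "writeOnly", "returned": "never"}]},
        {"id": "urn:ietf:params:scim:schemas:universalid:extension:device:User", "attributes": []}],
}

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

On the constructed sample it reports the three sample passwords and, under the exact-match assumption, the urn:ietf:params:scim:schemas:universalid:User reference, because the only core definition listed has the id urn:ietf:params:scim:schemas:core:2.0:User.
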
That's it! You can start the uid-server now and start creating users from your application.