Deploy OAuth configuration

The OAuth service is not available in an out-of-the-box installation (unless you have installed API Manager) and must be deployed manually using the deployOAuthConfig.py script provided in INSTALL_DIR/apigateway/samples/scripts/oauth. You can use the deployOauthConfig.py script to deploy:

  • OAuth server components
  • Sample client applications
  • OAuth client demo
Note   Before you run the deployOAuthConfig.py script, you must ensure that Apache Cassandra is installed and running, and that the Cassandra hosts have been configured in Policy Studio. For more details, see Install Apache Cassandra in the API Gateway Installation Guide.

Deploy the OAuth service

To deploy the OAuth 2.0 services listener, supporting policies, and sample applications, change directory to INSTALL_DIR/apigateway/samples/scripts, and run the deployOAuthConfig.py script as follows:

UNIX/Linux

./run.sh oauth/deployOAuthConfig.py 

Windows

run.bat oauth\deployOAuthConfig.py

This deploys the OAuth server components on port 8089, registers the sample client applications in the Client Application Registry, and deploys the client demo on port 8088.

Tip   When the script is run with no --type option, the default behavior is to deploy both the server and client components. To deploy the server components only, run the script with the --type=authzserver option. For more details on the script options, see Script options.

Deploy the OAuth client demo

API Gateway ships with a preconfigured client demo that demonstrates the use of API Gateway and Google as OpenID providers, and API Gateway as a client. The client demo is not deployed during installation and must be deployed manually using the deployOAuthConfig.py script.

To deploy the OAuth client demo, change directory to INSTALL_DIR/apigateway/samples/scripts, and run the deployOAuthConfig.py script as follows:

UNIX/Linux

./run.sh oauth/deployOAuthConfig.py --type=clientdemo 

Windows

run.bat oauth\deployOAuthConfig.py --type=clientdemo

This registers the sample client applications in the Client Application Registry, and deploys the client demo on port 8088.

For more information on the deployOAuthConfig.py script options, see Script options.

Tip    
  • If you have already deployed OAuth by running the deployOAuthConfig.py script with the default settings, the client demo is already available.
  • If you have deployed only the OAuth server configuration by running the script with the --type=authzserver option, or if you have installed API Manager, you must run the deployOAuthConfig.py script with the --type=clientdemo option to deploy the client demo.

For more information on the OAuth client demo, see API Gateway OAuth client demo.

Script options

The parameters for the script are as follows:

Option Description
-h
--help
Display help for the script.
-u USERNAME
--username=USERNAME
The administrator user name to use to connect to the topology. This is the administrator user name you entered during API Gateway installation.
-p PASSWORD
--password=PASSWORD
The password for the administrator user to connect to the topology. This is the administrator password you entered during API Gateway installation.
--port=PORT
The port the Client Application Registry is listening on. The default is 8089.
--admin=ADMIN
The administrator user name for the Client Application Registry. The default is regadmin.
--adminpw=ADMINPW
The administrator password for the Client Application Registry.
--type=TYPE

The deployment type. The options are:

  • authzserver
  • clientdemo
  • all

The default is all.

-g GROUP
--group=GROUP
The group name.
-n SERVICE
--service=SERVICE
The service name.
--importapps=IMPORTAPPS

The flag to import client applications. The options are:

  • on
  • off

The default is on.

--passphrase=PASSPHRASE
The API Gateway group passphrase.

Related Links