Security
The security adapter facilitates integration with Keycloak, Auth0 and other identity providers, simplifying the adoption of security in APIs and Web services.
The Devprime Platform Security Adapter supports security certificates that are shared across the replicas of the application within the Kubernetes cluster.
The example below details the default Adapter settings, the Keycloak-specific settings and Data Protection.
General | Description |
---|---|
Enable | Enable the Stream adapter (True/False) |

Identity | Description |
---|---|
Enable | Enable Identity (True/False) |
Type | Defines which identity provider (Keycloak |
Domain | Identity provider onboarding context |
ClientId | Client name created in the identity provider “myapp” |
ClientSecret | Client credential in the identity provider |
EnableOIDC | Enable OIDC authentication (True/False) |
AuthenticationScheme | “OpenIdConnect” authentication scheme |
Audience | Audience on the identity provider “myapp” |
LogoutUri | URL for logging out and returning to the application |
Scopes | Information sent by the identity provider “openid; email” |

DataProtection | Description |
---|---|
Enable | Enable the Data Protection feature (True/False) |
CertFilePath | Path to the pfx certificate file |
DataProtectionPath | Folder used by Data Protection |
CertFilePassword | Password of the certificate |

Important Considerations:
- Data Protection is required when the application runs with replicas on the cluster, to ensure security. The pfx file must be in accessible storage mounted in the container.
- When creating the Data Protection certificate, be aware of the expiration date.
- Data Protection can be enabled locally on the developer’s machine to test the certificate.
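
One way to act on the expiration warning above before rolling out replicas, as an added example that is not part of the Devprime documentation: a shell check that opens the pfx and fails when the certificate is close to expiry. It assumes `openssl` is installed; the function names, the `PFX_PASSWORD` variable and the 30-day default are assumptions of this example.

```shell
#!/bin/sh
# Added example: pre-deploy expiry check for the Data Protection pfx.
# The password is read from the PFX_PASSWORD environment variable (a name
# chosen for this example) so it never appears on the command line.

# Print the leaf certificate from the pfx as PEM; fails on a wrong password.
pfx_leaf_pem() {
    openssl pkcs12 -in "$1" -passin env:PFX_PASSWORD -nokeys -clcerts 2>/dev/null
}

# Print the certificate's notAfter date.
pfx_not_after() {
    pfx_leaf_pem "$1" | openssl x509 -noout -enddate | cut -d= -f2
}

# pfx_check FILE [MIN_DAYS]
#   0 = valid for more than MIN_DAYS (default 30, an assumed threshold)
#   1 = expired or expiring within MIN_DAYS
#   2 = file unreadable, wrong password, or no certificate inside
pfx_check() {
    file=$1
    min_days=${2:-30}
    [ -r "$file" ] || { echo "FAIL: $file is not readable" >&2; return 2; }
    pem=$(pfx_leaf_pem "$file") || {
        echo "FAIL: cannot open $file (wrong password or not a pfx)" >&2
        return 2
    }
    [ -n "$pem" ] || { echo "FAIL: no certificate in $file" >&2; return 2; }
    if printf '%s\n' "$pem" |
        openssl x509 -noout -checkend $((min_days * 86400)) >/dev/null; then
        echo "OK: $file valid until $(pfx_not_after "$file")"
        return 0
    fi
    echo "WARN: $file expires within $min_days days ($(pfx_not_after "$file"))" >&2
    return 1
}
```

Source the file and call `pfx_check` with the same path that is configured in CertFilePath, for example from a CI step or a container start-up probe, and treat any non-zero status as a failed deployment gate.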
Last modified August 20, 2024 (2f9802da)