Login to MyApps with One Touch action

Warning

Note: this document uses the legacy authenticators. To use the new protocol-agnostic authenticators, apply the relevant modifications to the configuration examples in this article.

Requirements

  • MyApps configured
  • One touch configured
  • The template "myappsot.template"

Do the following steps in the ADVANCED tab in the Configuration GUI.

Step 1 - Authentication - HTTP

Add the following configuration to “Authentication - HTTP”

{
    "alias": "myappsot",
    "id": "myappsot",
    "name": "PostUidAndPassword",
    "displayName": "Username Password",
    "configuration": {
        "enableHoneypot": "false",
        "loginTemplate": "myappsot.template",
        "successURL": "/myapps/",
        "pipeID": "myappsot"
    }
},

Change the following parameter, if needed, to your requirements

"successURL": "/myapps/"

Step 2 - Modules

Add action

Find the "com.phenixidentity~phenix-pki" created by the One Touch scenario.

Add the following action configuration after the following row: "guide_id": "guides.onetouch",

"actions_url": "Replace-actions_url",
"actions": [
    {
        "type": "open",
        "url": "Replace-url",
        "authentication": "jwt",
        "title": "MyApps",
        "text": "Login to MyApps"
    }
]

Example of the module after the action has been added:

{
  "name": "com.phenixidentity~phenix-pki",
  "enabled": "true",
  "config": {
    "issuer": "PhenixID",
    "ca_ref": "c4ed4b3c-712f-471e-aaaf-4fe818324a5b",
    "ca_profile": "c1667788-a453-420e-b0c8-15f1cc43da6c",
    "client_key_algorithm": "RSA",
    "client_key_size": "2048",
    "url_prefix": "https://demo.phenixid.net:8443",
    "http_configuration_ref": "0c5f7df1-2db2-42b9-8545-92a66d2fd821",
    "guide_ref": "efe738ed-5b03-4dd5-afad-5d736a59557a",
    "guide_id": "guides.onetouch",
    "actions_url": "https://demo.phenixid.net:8443",
    "actions": [
      {
        "type": "open",
        "url": "https://demo.phenixid.net/myapps/authenticate/myappsot",
        "authentication": "jwt",
        "title": "MyApps",
        "text": "Login to MyApps"
      }
    ]
  },
  "id": "114b63b7-f07a-4222-ad5b-3ca86f6e0ed4"
}

Replace the following

Replace "Replace-actions_url" with your action URL, for example https://demo.phenixid.net:8443

Replace "Replace-url" with your URL, for example https://demo.phenixid.net/myapps/authenticate/myappsot

Change the following parameters, if needed, to suit your requirements

"title": "MyApps"

"text": "Login to MyApps"

Add module

Add the following new module

{
    "name": "com.phenixidentity~phenix-replay-cache",
    "singleton": "true",
    "config": {},
    "id": "replay"
}

Step 3 - NODE_GROUPS

Add the module “replay” to module_refs in “NODE_GROUPS”; see the example below.

Example

"module_refs":"replay,d55205cc-e067-4490-9e2b-dbc98459e501,f4660046-9003-4131-ae4b-3710c6b1d147,b7f370d7-f9ec-41f7-982c-408b9cbfc5a3,d802bda5-623e-4afe-b740-f318ee5683dd"

Step 4 - Pipes

Add the following section to “Pipes”

{
    "id": "myappsot",
    "valves": [
        {
            "name": "SessionLoadValve",
            "config": {
                "id": "{{request.session_id}}"
            }
        },
        {
            "name": "OTTokenVerifierValve",
            "enabled": "true",
            "config": {}
        },
        {
            "name": "FlowFailValve",
            "config": {
                "message": "Session too old",
                "exec_if_expr": "flow.items().isEmpty()"
            }
        },
        {
            "name": "SessionBindToUidValve",
            "config": {
                "userid": "{{item.subject}}"
            }
        },
        {
            "name": "SessionPersistValve",
            "config": {}
        }
    ]
}

Step 5 - Template

Copy the template "myappsot.template" to the template folder of authentication.

For example: C:\Program Files\PhenixID\Server\mods\com.phenixidentity~auth-http~2.6\templates
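
The following check is an added example, not part of the original PhenixID documentation. It cross-references Steps 1-4: the authenticator's pipeID against the pipe id, the active valve order, the replay module id in module_refs, and the action's url and authentication. The function name, its four list arguments, the default-enabled rule for valves and the rule that the action url ends in /authenticate/<alias> are assumptions drawn from the examples on this page, not a PhenixID API.

```python
from urllib.parse import urlparse

# Valve order from Step 4: the One Touch token is verified before the session is bound.
VALVES = ["SessionLoadValve", "OTTokenVerifierValve", "FlowFailValve",
          "SessionBindToUidValve", "SessionPersistValve"]

def check_myappsot(authenticators, modules, node_groups, pipes, alias="myappsot"):
    """Return a list of findings; an empty list means Steps 1-4 agree with each other."""
    findings = []
    auth = next((a for a in authenticators if a.get("alias") == alias), {})
    pipe_id = auth.get("configuration", {}).get("pipeID")
    pipe = next((p for p in pipes if pipe_id and p.get("id") == pipe_id), None)
    if pipe is None:
        findings.append(f"authenticator {alias!r}: pipeID {pipe_id!r} matches no pipe")
    else:
        # Assumption: a valve without an "enabled" key is enabled, as in the page's pipe.
        active = [v.get("name") for v in pipe.get("valves", [])
                  if v.get("enabled", "true") == "true"]
        if active != VALVES:
            findings.append(f"pipe {pipe_id!r} active valves differ from Step 4: {active}")
    replay = [m.get("id") for m in modules if m.get("name", "").endswith("~phenix-replay-cache")]
    if not replay:
        findings.append("replay cache module missing")
    for group in node_groups:
        refs = [r.strip() for r in group.get("module_refs", "").split(",")]
        findings += [f"module {i!r} not in module_refs" for i in replay if i not in refs]
    actions = [a for m in modules if m.get("name", "").endswith("~phenix-pki")
               for a in m.get("config", {}).get("actions", [])]
    if not actions:
        findings.append("phenix-pki module has no actions")
    for act in actions:
        url = urlparse(act.get("url", ""))
        if url.scheme != "https":
            findings.append(f"action url is not https: {act.get('url')}")
        if act.get("authentication") != "jwt":
            findings.append("action authentication is not 'jwt'")
        if not url.path.endswith("/authenticate/" + alias):
            findings.append(f"action url does not end in /authenticate/{alias}")
    return findings

# Constructed sample mirroring the page's examples, reduced to the fields checked.
SAMPLE = {"authenticators": [{"alias": "myappsot", "configuration": {"pipeID": "myappsot"}}],
    "modules": [{"name": "com.phenixidentity~phenix-replay-cache", "id": "replay"},
                {"name": "com.phenixidentity~phenix-pki", "config": {"actions": [{
                    "authentication": "jwt",
                    "url": "https://demo.phenixid.net/myapps/authenticate/myappsot"}]}}],
    "node_groups": [{"module_refs": "replay,d55205cc-e067-4490-9e2b-dbc98459e501"}],
    "pipes": [{"id": "myappsot", "valves": [{"name": n, "config": {}} for n in VALVES]}]}
print(check_myappsot(**SAMPLE) or "consistent")
```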