Embedded Files
Getting Started
Getting Started
By now, you've created a Web Application integration in your identity provider to enable auth to the admin dashboard for the OAuth Modernization Gateway. In this quickstart, we will show you how to enable communication from the admin to the worker nodes leveraging the access token behind the scenes for auth.
Create Application Group
Create Application Group
Create an application group for the applications specific to enabling communication between the admin and worker nodes.
Name: Admin Application Group
Create Application
Create Application
Create an application in the Admin Application Group with the domain(s) of your worker nodes (e.g worker1.internal.com). We use default in place of the domain to signify that this application should not be restricted to a particular domain.
Type: Default
Name: Admin To Worker Application
Domain: default
Navigate to IdP Opts Management
Navigate to IdP Opts Management
Create IdP Options Group
Create IdP Options Group
Create an IdP Options group for the auth options specific to enabling communication between the admin and worker nodes.
Name: Admin Options Group
Create IdP Options
Create IdP Options
Create an options object (Admin Options), specifying the discovery endpoint and client id for the application integration in your identity provider used to enable auth for the admin dashboard.
Name: Admin Options
Discovery: {your well known config url}
Client ID: {your admin client id}
Client Secret: {value will be ignored}
Navigate back to the Application (SSL Tab)
Navigate back to the Application (SSL Tab)
Configure SSL
Configure SSL
Configure SSL for communication from the admin to the worker nodes.
Upload the cert file and any required CA certs under Certificate Management.
Type the name of the cert file for your worker in the SSL configuration
Type the name of the key file for your worker in the SSL configuration
Create the directory on each worker node and inject the key file from your vault: /usr/local/openresty/nginx/conf/ssl/certs
Navigate back to the Policy Tab
Navigate back to the Policy Tab
Create Status Policy
Create Status Policy
Create the custom policy (/omg-worker/status) to enable a protected status endpoint on each worker for the admin to call to get the status of each downstream server.
Type: Status
Policy Path: /omg-worker/status
IdP Options Name: Admin Options
Create Validate Config Policy
Create Validate Config Policy
Create the custom policy (/omg-worker/validate-config) to enable a protected validate config endpoint on each worker for the admin to call to validate the configuration on each worker.
Type: Validate Config
Policy Path: /omg-worker/validate-config
IdP Options Name: Admin Options
Navigate to the Server Status Dashboard
Navigate to the Server Status Dashboard
Configure Server Status Dashboard
Configure Server Status Dashboard
Configure the server status dashboard to leverage the integration you just created between the admin and the workers.
Server Urls: {server urls for each worker - 1 per line}
Status Endpoint Path: /omg-worker/status
Validate Config Path: /omg-worker/validate-config
Done! Deploy your workers and reload the Server Status Dashboard
Done! Deploy your workers and reload the Server Status Dashboard
Page updated
Report abuse