Configuring the DBMS for FIM
Setting up the DBMS for FIM involves configuring specific parameters. To configure the DBMS for FIM, follow these steps:
1. Provide the absolute path to the Python script ingvalidacctkn:
iisetres ii.iipmhostname.gcf.fim_auth_program absolute_path_to_ingvalidacctkn
2. Configure the client ID, client secret, userinfo endpoint and token endpoint:
iisetres ii.iipmhostname.gcf.custom_client_id clientID
iisetres ii.iipmhostname.gcf.custom_client_secret clientSecret
iisetres ii.iipmhostname.gcf.custom_userinfo userinfoEndpoint
iisetres ii.iipmhostname.gcf.custom_idp tokenEndpoint
3. Restart the DBMS.
Note: iipmhostname is the output of iipmhost.
The Python script ingvalidacctkn is present in the bin directory within the Ingres directory of II_SYSTEM location. The absolute path for the Python script must include the script for example, /opt/actian/ingres/bin/ingvalidacctkn. The userinfo and token endpoints can be queried from the FIM servers administration GUI or REST API. For example, the Keycloak server may have these endpoints for a realm named "ingres":
Userinfo: https://hostname:8443/realms/ingres/protocol/openid-connect/userinfo
Token: https://hostname:8443/realms/ingres/protocol/openid-connect/token
Note: The iisufim program resides in the directory $II_SYSTEM/ingres/utility and can be used for configuring FIM in Actian Data Cloud platform. You can ignore this program for the on-premise usage.
Last modified date: 12/19/2024