API connection¶
Onegini CIM API connection¶
This section describes the properties that are needed to connect Onegini Customer Service with Onegini CIM.
Connection properties¶
| Property | Default | Example | Description |
|---|---|---|---|
| ONEGINI_IDP_CCC_IDP_PROTOCOL | http | http or https | Protocol for Onegini CIM |
| ONEGINI_IDP_CCC_IDP_HOST | dev.onegini.me | Host for Onegini CIM | |
| ONEGINI_IDP_CCC_IDP_PORT | 80 | 80, 443 | Port for Onegini CIM |
| ONEGINI_IDP_CCC_IDP_PERSON_API_BASE_URI | ${ONEGINI_IDP_CCC_IDP_PROTOCOL}://${ONEGINI_IDP_CCC_IDP_HOST}:${ONEGINI_IDP_CCC_IDP_PORT}/api/persons | Base URI for Onegini CIM Person API calls. Should not end with a / | |
| ONEGINI_IDP_CCC_IDP_PERSON_API_USERNAME | Username for Onegini CIM Person API calls | ||
| ONEGINI_IDP_CCC_IDP_PERSON_API_PASSWORD | Password for Onegini CIM Person API calls | ||
| ONEGINI_IDP_CCC_IDP_PERSON_API_MAX_RESULTS | 50 | Threshold for search queries in Onegini CIM API | |
| ONEGINI_IDP_CCC_IDP_EVENTS_API_USERNAME | Username for Onegini CIM Events API calls | ||
| ONEGINI_IDP_CCC_IDP_EVENTS_API_PASSWORD | Password for Onegini CIM Events API calls | ||
| ONEGINI_IDP_CCC_IDP_EVENTS_API_BASE_URI | ${ONEGINI_IDP_CCC_IDP_PROTOCOL}://${ONEGINI_IDP_CCC_IDP_HOST}:${ONEGINI_IDP_CCC_IDP_PORT}/api/events | Base URI for Onegini CIM Events API calls. Should not end with a / | |
| ONEGINI_IDP_CCC_IDP_EVENTS_API_PAGE_SIZE | 50 | Maximum number of events that are returned in a single query | |
| ONEGINI_IDP_CCC_IDP_CONFIGURATION_API_USERNAME | Username for Onegini CIM Configuration API calls | ||
| ONEGINI_IDP_CCC_IDP_CONFIGURATION_API_PASSWORD | Password for Onegini CIM Configuration API calls | ||
| ONEGINI_IDP_CCC_IDP_STATISTICS_API_BASE_URI | ${ONEGINI_IDP_CCC_IDP_PROTOCOL}://${ONEGINI_IDP_CCC_IDP_HOST}:${ONEGINI_IDP_CCC_IDP_PORT}/api/statistics | Base URI for Onegini CIM Statistics API calls. Should not end with a / | |
| ONEGINI_IDP_CCC_IDP_STATISTICS_API_USERNAME | Username for Onegini CIM Statistics API calls | ||
| ONEGINI_IDP_CCC_IDP_STATISTICS_API_PASSWORD | Password for Onegini CIM Statistics API calls | ||
| IDP_API_SECURITY_USERNAME | Username for Onegini CIM API calls | ||
| IDP_API_SECURITY_PASSWORD | Password for Onegini CIM API calls | ||
| IDP_CREDENTIALSAPI_SECURITY_USERNAME | Username for Onegini CIM Credentials API calls | ||
| IDP_CREDENTIALSAPI_SECURITY_PASSWORD | Password for Onegini CIM Credentials API calls |
Person custom attributes¶
Onegini CIM supports "custom attributes" to add extra information to a Person like a loyalty card number or some other internal reference. These custom attributes can be used to lookup a user. To find users by these custom attributes they must be configured in Onegini Customer Service.
Property name: ONEGINI_IDP_CCC_IDP_PERSON_API_CUSTOM_ATTRIBUTES_ + name of the customAttribute
The value of this environment variable is used as label.
Example:
ONEGINIIDPCCC_IDP_PERSONAPI_CUSTOMATTRIBUTES_INSURANCEPOLICY=Insurance policy
If a custom attribute contains an underscore character (_), Spring converts it to a dot character (.).
To avoid that, the configuration needs to be provided using Java Options:
-Donegini-idp-ccc.idp.person-api.customattributes.[insurance_policy]=Insurance policy
When ONEGINIIDPCCC_IDP_PERSONAPI_CUSTOMATTRIBUTES_<custom_attribute_name> is defined in Onegini Customer Service, then only Onegini CIM API is queried to retrieve the custom attribute value.
When ONEGINIIDPCCC_IDP_PERSONAPI_CUSTOMATTRIBUTES_<custom_attribute_name> is NOT defined in Onegini Customer Service and -Dccc.modules.person.searchKeys[0].attributeName=<custom_attribute_name>" is defined in the extension then Onegini Customer Service calls the extension API first and for each record it queries Onegini CIM API for additional attributes. So if extension does not return any data, Onegini CIM API is not called and user is not present in Onegini Customer Service.
Onegini Customer Service Extension API connection¶
Onegini Customer Service gives the possibility to retrieve some data from the extension and this section describes the environment variables that are needed. Keep in mind that the extension also needs to be configured to work with Onegini Customer Service Extension API (please check the extension's documentation for the required environment variables).
Connection properties¶
| Property | Default | Example | Description |
|---|---|---|---|
| ONEGINI_IDP_CCC_EXTENSION_ENABLED | false | true/false | Defines whether the integration with the extension is enabled. |
| ONEGINI_IDP_CCC_EXTENSION_MAX_RESULTS | 50 | Threshold for search queries in Extension API | |
| ONEGINI_IDP_CCC_EXTENSION_PROTOCOL | http | http/https | Protocol for Extension API |
| ONEGINI_IDP_CCC_EXTENSION_HOST | example.org | Host for Extension API | |
| ONEGINI_IDP_CCC_EXTENSION_PORT | -1 | 8080 | Port for Extension API |
| ONEGINI_IDP_CCC_EXTENSION_USERNAME | Username for Extension Basic Auth | ||
| ONEGINI_IDP_CCC_EXTENSION_PASSWORD | Password for Extension Basic Auth | ||
| ONEGINI_IDP_CCC_EXTENSION_BASE_URI | ${ONEGINI_IDP_CCC_EXTENSION_PROTOCOL}:// ${ONEGINI_IDP_CCC_EXTENSION_HOST}: ${ONEGINI_IDP_CCC_EXTENSION_PORT} |
Base URI for Extension API calls. Should not end with a / |
Extension configuration¶
Profile attributes filtering based on predefined attributes names:
ID, EMAIL_ADDRESSES, ADDRESSES, PHONE_NUMBERS, PREFERRED_LOCALE, GENDER, DISPLAY_NAME
and should be used in extension configuration.
Example:
ccc.modules.person.cim.detailProfileAttributes[0].attributeName=PHONE_NUMBERS
ccc.modules.person.cim.detailProfileAttributes[1].attributeName=PREFERRED_LOCALE
ccc.modules.person.cim.detailProfileAttributes[2].attributeName=EMAIL_ADDRESSES
ccc.modules.person.cim.detailProfileAttributes[3].attributeName=DISPLAY_NAME
Onegini Token Server integration¶
Onegini Customer Service is capable of integrating with the Onegini Token Server.
Connection properties¶
The connection requires API client in the Onegini Token Server that give access to the relevant APIs. Consult the documentation of a specific feature for a list of required scopes.
| Property | Example | Description |
|---|---|---|
| TOKEN_SERVER_API_BASE_URI | https://token-server.example.com/oauth | Base URI for the engine of Onegini Token Server. |
| TOKEN_SERVER_API_USERNAME | The Client ID of the API client configured within the Onegini Token Server. | |
| TOKEN_SERVER_API_PASSWORD | The Client Secret of the API client configured within the Onegini Token Server. | |
| TOKEN_SERVER_API_DEVICE_API_VERSION | v4 | The version of the Token Server device API. Allowed are v3 or v4. The default value is v4. |