The Configuration Service provides several configuration options; an easy-to-use web UI, scriptable Juniper-style CLI, standards-based RESTCONF API and XML config files built for automation and large scale. Giving you a choice on how to manage configuration.
The built-in web user interface can be used to control the cluster, or as a standalone tool to prepare new configurations to be downloaded as XML and pushed out at a later stage.
A clear view of your setup
Control a cluster or use standalone
Visual profile management
The Curity Identity Server admin UI supports federated login, meaning you can use your existing login mechanism (e.g., Google). This feature also allows you to set up multi-factor authentication to access the admin UI.
A decentralized admin dashboard allows developers and operators to perform time critical tasks and react to alarms without full access to the Curity Identity Server or relying on your busy system administrators.
Developer self service removes bottlenecks
Easy access to clients, scopes and claims
Operations can view and act on alarms
The Curity Identity Server comes with a sophisticated Command Line Interface (CLI). With a complete Juniper-style CLI the DevOps team can log in to the cluster and perform advanced configuration operations over SSH or prepare update scripts pushed via deployment tools such as Puppet or Ansible. Everything you can do in the Web UI or the RESTCONF API, you can also do in the CLI.
Automate via scripts
Works with standard Emacs commands
Tab completion and history
For complete automation, the RESTCONF API can be used to update any subsystem in the Curity Identity Server. You can create new apps, or update data-backends automatically using REST calls.
Strictly validated changes
Predictable - also in production
Response formats suited for your workflow
Push out new configurations as XML to your Curity environments. This feature is useful when you want to version control your config files and deploy them in your cluster. Parameterize the XML with variables that will be replace with environment-specific values (like OAuth client secrets or redirect URIs).
<facilities xmlns="https://curity.se/ns/conf/base"> <data-sources> <data-source> <id>DefaultHSQLDBAttributeNameLookupPrimaryDomain</id> <jdbc xmlns="https://curity.se/ns/ext-conf/jdbc"> <attribute-query>SELECT * FROM "linked_accounts" WHERE "account_id" = :subject AND "linked_account_domain_name" = 'primary' </attribute-query> <connection-string>jdbc:hsqldb:hsql://localhost:9001/db</connection-string> <driver>org.hsqldb.jdbc.JDBCDriver</driver> <username>SA</username> </jdbc> </data-source> </data-sources>