Configure a Client

Configure a Client

tutorials

Different clients that enable different capabilities can be configured in the Curity Identity Server. In this tutorial we will walk through how to configure a client that will enable the popular code flow. The approach to creating clients that enables other flows would follow the same approach.

This tutorial will show you how to configure your first client in the Curity Identity Server. Some configuration will depend on the tool you will choose for testing. Whenever this is the case you will be presented with tabs for the different options. Be sure to use the appropriate configuration variation.

Setup in Curity

Visit the Profiles screen and click the Token Service. On the left select Clients and click New Client.

New Client

Give the client an ID (eg. www for a website client).

New Client

Capabilities

Scroll down to the Capabilities section and click Add capabilities.

Capabilities

Select the Code Flow capability and click Next.

Code Flow

Redirect URI

The redirect URI is back at the client. If you don’t know what you will use just enter https://localhost/callback for now. This can be changed later if needed. The tabs below outlines configurations for a couple of different approaches for testing the client.

The callback URI for OAuth.tools can be added by clicking the Add Redirect URIs button.

Redirect URI

When using the OAuth Assistant for testing use the following configuration.

Redirect URI

When testing with cURL we can use https://localhost/callback as the callback URI.

Redirect URI

Client Authentication

For client authentication select secret and enter a secret. Make sure to remember it since it cannot be retrieved later again (but can be reset).

Secret

For client authentication select no-authentication. This will effectively create a public client.

No Authentication

For client authentication select secret and enter a secret. Make sure to remember it since it cannot be retrieved later again (but can be reset).

Secret

User Authentication

For user authentication select the authenticator created in the authenticator tutorial.

User Authentication

Add the openid Scope

We will also run the OpenID Code flow, so add the openid scope to the client by scrolling down to the Permissions section of the client.

Add Scope

Commit

Make sure to commit the changes in the Changes -> Commit menu.

Next Steps

At this point the system should be configured with a working client. The next step would be to test the configuration. There are several ways to test and the approach depends on where Curity is running. Here’s a few options that should cover most scenarios.

Test using OAuth.toolsTest using OAuth AssistantTest using cURL

Let’s Stay in Touch!

Get the latest on identity management, API Security and authentication straight to your inbox.

Keep up with our latest articles and how-tos using RSS feeds