...
Examine the authorization-server.properties file and ensure that all relevant parameters and values are set correctly. The file is located at
$MZ_HOME/etc/authorization-server/authorization-server.properties
. Please note that if you are using ‘file-based’ as storage, you do not need to manually create the folder as specified instorage.file-based.storage-location
, as it will be automatically created during platform startup.Code Block enabled=false # -------------------------------------------------------------------------------- # Storage Properties # -------------------------------------------------------------------------------- # Only used when storage type is "database". PostgreSQL or Oracle DB only storage.database.profile-name=<Path.DBProfileName> storage.database.poolsize=8 # Only used when storage type is "file-based" storage.file-based.storage-location=/path/to/file/storage # The storage type can be either "file-based" or "database" storage.type=file-based # -------------------------------------------------------------------------------- # Server Properties # -------------------------------------------------------------------------------- # Validity period in seconds for access token generated server.access-token-expiry=1800 # -------------------------------------------------------------------------------- # Management Api Properties # -------------------------------------------------------------------------------- management-api.enable-basic-auth=true # HTTP Basic Authentication Password management-api.password=<password> # HTTP Basic Authentication Username management-api.username=<username> # -------------------------------------------------------------------------------- # JSON Web Token (JWT) Properties # -------------------------------------------------------------------------------- jwt.key-id=jwt jwt.key-password=<password> jwt.keystore-location=/path/to/keystore jwt.keystore-password=<password> # Only RS256, RS384 and RS512 are supported jwt.signature-algorithm=RS256
The following is an example of parameters that have been configured accordingly to the requirements.
Code Block enabled=true # -------------------------------------------------------------------------------- # Storage Properties # -------------------------------------------------------------------------------- # Only used when storage type is "database". PostgreSQL or Oracle DB only storage.database.profile-name=<Path.DBProfileName> storage.database.poolsize=8 # Only used when storage type is "file-based" storage.file-based.storage-location=/Users/limyizhan/Workspace/mz9/mz-drx/mediationzone/storage/oauth2.storage # The storage type can be either "file-based" or "database" storage.type=file-based # -------------------------------------------------------------------------------- # Server Properties # -------------------------------------------------------------------------------- # Validity period in seconds for access token generated server.access-token-expiry=1800 # -------------------------------------------------------------------------------- # Management Api Properties # -------------------------------------------------------------------------------- management-api.enable-basic-auth=true # HTTP Basic Authentication Password management-api.password=DR-4-6912EB66E4E5FDF6035DBF848195669A # HTTP Basic Authentication Username management-api.username=mzadmin # -------------------------------------------------------------------------------- # JSON Web Token (JWT) Properties # -------------------------------------------------------------------------------- jwt.key-id=selfsigned jwt.key-password=DR-4-6912EB66E4E5FDF6035DBF848195669A jwt.keystore-location=/Users/limyizhan/Downloads/keystore_server.jks jwt.keystore-password=DR-4-6912EB66E4E5FDF6035DBF848195669A # Only RS256, RS384 and RS512 are supported jwt.signature-algorithm=RS256
See Authorization Server Properties for an example of the parameters.
Startup the platform to enable the Authorization Server.
Code Block $ mzsh startup platform
To enable the https for Authorization Server, refer to see HTTP Encryption.