Login to MyApps with One Touch action

Requirements

  • MyApps configured
  • One Touch configured
  • The template "myappsot.template"

Perform the following steps in the ADVANCED tab of the Configuration GUI.

Step 1 - Authentication - HTTP

Add the following configuration to “Authentication - HTTP”

{
	"alias": "myappsot",
	"id": "myappsot",
	"name": "PostUidAndPassword",
	"displayName": "Username Password",
	"configuration": {
		"enableHoneypot": "false",
		"loginTemplate": "myappsot.template",
		"successURL": "/myapps/",
		"pipeID": "myappsot"
	}
},

If needed, change the following parameter to suit your requirements:

"successURL": "/myapps/"

Step 2 - Modules

Add action

Find the "com.phenixidentity~phenix-pki" module created by the One Touch scenario.

Add the following action configuration after the row "guide_id": "guides.onetouch",

"actions_url": "Replace-actions_url",
"actions": [
	{
		"type": "open",
		"url": "Replace-url",
		"authentication": "jwt",
		"title": "MyApps",
		"text": "Login to MyApps"
	}
]

Example of the complete module after the action has been added:

{
	"name": "com.phenixidentity~phenix-pki",
	"enabled": "true",
	"config": {
		"issuer": "PhenixID",
		"ca_ref": "c4ed4b3c-712f-471e-aaaf-4fe818324a5b",
		"ca_profile": "c1667788-a453-420e-b0c8-15f1cc43da6c",
		"client_key_algorithm": "RSA",
		"client_key_size": "2048",
		"url_prefix": "https://demo.phenixid.net:8443",
		"http_configuration_ref": "0c5f7df1-2db2-42b9-8545-92a66d2fd821",
		"guide_ref": "efe738ed-5b03-4dd5-afad-5d736a59557a",
		"guide_id": "guides.onetouch",
		"actions_url": "https://demo.phenixid.net:8443",
		"actions": [
			{
				"type": "open",
				"url": "https://demo.phenixid.net/myapps/authenticate/myappsot",
				"authentication": "jwt",
				"title": "MyApps",
				"text": "Login to MyApps"
			}
		]
	},
	"id": "114b63b7-f07a-4222-ad5b-3ca86f6e0ed4"
}

Replace the following

Replace "Replace-actions_url" with your actions URL, for example "https://demo.phenixid.net:8443"

Replace "Replace-url" with your URL, for example "https://demo.phenixid.net/myapps/authenticate/myappsot"

If needed, change the following parameters to suit your requirements:

"title": "MyApps"

"text": "Login to MyApps"

Add module

Add the following new module

{
	"name": "com.phenixidentity~phenix-replay-cache",
	"singleton": "true",
	"config": {},
	"id": "replay"
}

Step 3 - NODE_GROUPS

Add the module “replay” to module_refs in “NODE_GROUPS”, see the example below.

Example

"module_refs":"replay,d55205cc-e067-4490-9e2b-dbc98459e501,f4660046-9003-4131-ae4b-3710c6b1d147,b7f370d7-f9ec-41f7-982c-408b9cbfc5a3,d802bda5-623e-4afe-b740-f318ee5683dd"

Step 4 - Pipes

Add the following section to “Pipes”

{
	"id": "myappsot",
	"valves": [
		{
			"name": "SessionLoadValve",
			"config": {
				"id": "{{request.session_id}}"
			}
		},
		{
			"name": "OTTokenVerifierValve",
			"enabled": "true",
			"config": {}
		},
		{
			"name": "FlowFailValve",
			"config": {
				"message": "Session to old",
				"exec_if_expr": "flow.items().isEmpty()"
			}
		},
		{
			"name": "SessionBindToUidValve",
			"config": {
				"userid": "{{item.subject}}"
			}
		},
		{
			"name": "SessionPersistValve",
			"config": {}
		}
	]
}

Step 5 - Template

Copy the template "myappsot.template" to the templates folder of the HTTP authentication module.

For example "C:\Program Files\PhenixID\Server\mods\com.phenixidentity~auth-http~2.6\templates"
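
The fragments from Steps 1 to 4 must reference each other correctly, so a cross-check before restarting the server catches typos. The script below is an added example, not PhenixID code; the function name, the problem messages, and the rule that a valve without an "enabled" key counts as enabled are assumptions.

```python
from urllib.parse import urlparse

def check_onetouch_config(authenticator, pki_config, modules, module_refs, pipe):
    """Cross-check the fragments from Steps 1-4; return a list of problems."""
    problems = []
    if authenticator["configuration"]["pipeID"] != pipe["id"]:
        problems.append("authenticator pipeID does not match the pipe id")
    actions = pki_config.get("actions", [])
    # The action is marked "authentication": "jwt", so insist on https.
    for url in [pki_config.get("actions_url", "")] + [a.get("url", "") for a in actions]:
        if url.startswith("Replace-"):
            problems.append(f"placeholder not replaced: {url}")
        elif urlparse(url).scheme != "https":
            problems.append(f"not https: {url}")
    # Assumption taken from the page's example URL: the action targets
    # .../authenticate/<authenticator alias>.
    suffix = "/authenticate/" + authenticator["alias"]
    for action in actions:
        url = action.get("url", "")
        if not url.startswith("Replace-") and not urlparse(url).path.rstrip("/").endswith(suffix):
            problems.append(f"action url does not end in {suffix}")
    replay = [m["id"] for m in modules if m["name"] == "com.phenixidentity~phenix-replay-cache"]
    refs = [r.strip() for r in module_refs.split(",")]
    if not any(i in refs for i in replay):
        problems.append("replay-cache module missing or not in module_refs")
    # Assumption: a valve without an "enabled" key is enabled.
    names = [v["name"] for v in pipe["valves"] if v.get("enabled", "true") == "true"]
    if "OTTokenVerifierValve" not in names:
        problems.append("OTTokenVerifierValve missing or disabled")
    elif ("SessionBindToUidValve" in names
          and names.index("OTTokenVerifierValve") > names.index("SessionBindToUidValve")):
        problems.append("session is bound to a user before the token is verified")
    return problems

# Fragments as given on this page, trimmed to the fields the checks read.
AUTH = {"alias": "myappsot", "configuration": {"pipeID": "myappsot"}}
PKI = {"actions_url": "https://demo.phenixid.net:8443", "actions": [
    {"type": "open", "authentication": "jwt",
     "url": "https://demo.phenixid.net/myapps/authenticate/myappsot"}]}
MODULES = [{"name": "com.phenixidentity~phenix-replay-cache", "id": "replay"}]
REFS = "replay,d55205cc-e067-4490-9e2b-dbc98459e501"
PIPE = {"id": "myappsot", "valves": [
    {"name": "SessionLoadValve"}, {"name": "OTTokenVerifierValve", "enabled": "true"},
    {"name": "FlowFailValve"}, {"name": "SessionBindToUidValve"},
    {"name": "SessionPersistValve"}]}

if __name__ == "__main__":
    for line in check_onetouch_config(AUTH, PKI, MODULES, REFS, PIPE) or ["no problems found"]:
        print(line)
```

Paste your own fragments in place of the sample values; an empty result means the references line up.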