Customize Login / Logout SMA Pages with Native REST Apps

  • KM03764469
  • 23-Nov-2020
  • 23-Nov-2020

Summary

Customize Login / Logout SMA Pages with Native REST Apps

Question

Since Google deprecated the Postman extension, it is necessary to use native apps:

https://blog.postman.com/going-native/

Answer

To use the native app, follow these steps:

Prerequisites:
1.  Get the password for the user idmTransportUser (the <basic_auth_password>):
      1.  Identify the pod name for IDM:
          kubectl get pod -n <namespace> | grep '^idm'
      2.  Go into the IDM pod:
          kubectl exec -it <pod-name> -n <namespace> -c idm -- /bin/sh
      3.  Execute the following command to get <basic_auth_password>:
          get_secret idm_transport_user_password_secret_key
      4.  Exit the pod.
** NOTE:  There is no need to encode idmTransportUser:<basic_auth_password> yourself, as Postman will encode the password.
2.  Install native Postman
3.  Configure Certificates:
Settings -> Certificates
I set the following:
Host:  FQDN of the Master node
CRT File:  certificate of master node
Key File:  RSA key of the master node

Steps:
1.  Add a New Collection
2.  Add a Request to the new Collection - Get the API request auth token
      a.  set action and URL
      POST  https://<MASTER NODE FQDN>/idm-service/v2.0/tokens/
      b.  set Authorization tab
      Type:  Basic Auth
      Username:  idmTransportUser
      Password:  <value from get_secret idm_transport_user_password_secret_key>
**NOTE:  An example return value is PASS=pwkDXROEwertSU_P.  Only the "pwkDXROEwertSU_P" part is used.  On the Headers tab, the password will be encoded for you.
      c.  Set Headers tab
      Key:  Content-Type
      Value:  application/json
      d.  Set the Body tab
      choose raw
      enter the following in the body
      {
        "passwordCredentials": {
          "username": "admin",
          "password": "<admin_password>"
        },
        "tenantName": "Provider"
      }

**NOTE:  The value in "<admin_password>" is the value returned from get_secret idm_transport_user_password_secret_key.  Just remove the "PASS=" as before on the Authorization tab.
      e.  click Send
      f.  the token is in the "id:" part
3.  Example:  Add a Request to the collection - Get Family Name
a.  set action and URL
GET  https://<MASTER NODE FQDN>/idm-service/api/scim/organizations/123531096/metadata/familyName
b.  set Authorization tab
Type:  No Auth
c.  Set Headers tab
Key:  Content-Type
Value:  application/json
Key:  X-AUTH-TOKEN
Value:  <Value of Token from step 2 above>
d:  click Send 
e.  results:  the value is returned
4.  Example:  Add a Request to the collection - Set Family Name
a.  set action and URL
PUT  https://<MASTER NODE FQDN>/idm-service/api/scim/organizations/123531096/metadata/familyName
b.  set Authorization tab
Type:  No Auth
c.  Set Headers tab
Key:  Content-Type
Value:  application/json
Key:  X-AUTH-TOKEN
Value:  <Value of Token from step 2 above>
d.  Set the Body tab
choose raw
enter the following in the body
{
  "key": "familyName",
  "username": "admin",
  "value": "My New Family Name"
}
e.  click Send
f.  results:  the value is set.  Rerunning step 3 above will show the new value, or go to the Tenant login page.
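
The same three requests built in Python, as an added example that is not part of the original article: it shows the Basic Auth encoding that Postman performs for you and the headers each step needs. The function names are hypothetical, and the search for the "id" field is an assumption because the article does not show the response layout.

```python
# Added example: function names are hypothetical; requests are built here, not sent.
import base64
import json
import urllib.request

def strip_pass_prefix(secret_output):
    """get_secret prints PASS=<value>; only <value> is the password."""
    line = secret_output.strip()
    return line[len("PASS="):] if line.startswith("PASS=") else line

def basic_auth_header(user, password):
    """Build the Authorization value that Postman's Basic Auth tab generates."""
    raw = f"{user}:{password}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")

def token_request(host, transport_password, admin_password):
    """Step 2: POST to /idm-service/v2.0/tokens/ with Basic Auth and the JSON body."""
    body = {"passwordCredentials": {"username": "admin", "password": admin_password},
            "tenantName": "Provider"}
    headers = {"Content-Type": "application/json",
               "Authorization": basic_auth_header("idmTransportUser", transport_password)}
    return urllib.request.Request(f"https://{host}/idm-service/v2.0/tokens/",
                                  data=json.dumps(body).encode("utf-8"),
                                  method="POST", headers=headers)

def find_token(node):
    """Return the first "id" string in the response (assumption: nesting unknown)."""
    if isinstance(node, dict):
        if isinstance(node.get("id"), str):
            return node["id"]
        node = list(node.values())
    if isinstance(node, list):
        for child in node:
            found = find_token(child)
            if found:
                return found
    return None

def metadata_request(host, token, org_id, key, value=None):
    """Steps 3 and 4: GET reads the metadata key, PUT (value given) sets it."""
    url = f"https://{host}/idm-service/api/scim/organizations/{org_id}/metadata/{key}"
    headers = {"Content-Type": "application/json", "X-AUTH-TOKEN": token}
    if value is None:
        return urllib.request.Request(url, method="GET", headers=headers)
    body = json.dumps({"key": key, "username": "admin", "value": value})
    return urllib.request.Request(url, data=body.encode("utf-8"), method="PUT", headers=headers)
```

To send a request, pass it to urllib.request.urlopen with an ssl.SSLContext that has loaded the certificate and key from the prerequisites, and read the password from the environment rather than hard-coding it.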