-
Notifications
You must be signed in to change notification settings - Fork 75
Docs v2 Outline
Mike Schwartz edited this page Jul 20, 2022
·
101 revisions
-
Deployment and Planning Guide
- Platform Goal
- Use Cases
- Components
- Kubernetes
- VM Cluster
- VM Single Instance
- Persistence
- Caching
- Security Best Practices
- Load Balancers
- Certificates / Keys
- DNS
- Multi-tenancy
- Benchmarking
- Application Portal
- Discovery
- Customization / Localization
- Timeout Management (Sessions, Tokens, Applications)
- Identity Management
- Self-Service Password / 2FA Portal
- Identity Access Governance
- Role Based Access Management
- Integration with a central Authorization Service
- Stepped-up Authentication / Adaptive Authentication
- Delegated User Administration
- Passwordless Authentication
- Authenticating non-humans (Machine-to-Machine)
- FAQ
-
Installation
- VM
- VM requirements
- Ubuntu
- EL 8
- Suse
- RHEL 8 DISA STIG
- Dynamic Download
- Helm Deployments
- Local Kubernetes Cluster
- Amazon EKS
- Google GKE
- Microsoft Azure AKS
- Red Hat Open Shift
- Using Rancher Marketplace
- CORS configuration
- FAQ
- VM
-
Kubernetes Operation Guide
- Scaling
- Upgrading
- Backup and Restore
- Certificate Management
- Customization's
- Secret and Configuration reference
- Image reference
- Start order
- Logs
- Health Check
- FAQ
-
VM Operation Guide
- Running setup
- Backup
- Logs
- Checking service status
- Restarting services
- Managing key rotation
- Certificates
- Web services
- FAQ
-
Configuration Guide
- Configuration CLI
- Interactive mode
- Batch mode
- CURL Cheat Sheet
- SCIM CLI
- Configuration CLI
-
Auth Server Admin Guide
- Configuration
- JSON Properties
- JVM considerations
- Session Management
- What is a session
- IDP v. RP sessions
- Multiple sessions in one browser
- Multiple browser sessions
- Tokens
- OAuth Access Tokens
- OAuth Refresh Tokens
- OpenID id_token
- OpenID Userinfo token
- UMA RPT Token
- Endpoints
- Configuration endpoint
- Client Registration Endpoint
- Authorization endpoint
- acr_values param
- Custom request params
- Token endpoint
- Userinfo endpoint
- Token revocation endpoint
- Session revocation endpoint
- End session endpoint
- Clientinfo endpoint
- Introspection endpoint
- Device authorization
- Backchannel authentication endpoint
- Crypto
- Supported cryptographic Algorithms
- Local PKCS key storage
- Jans Eleven configuration
- Key rotation
- Manual key regeneration
- OpenID features
- Pairwise / Public subject identifiers
- id_token (include claims)
- ACRs
- Request objects
- Prompt parameter
- Consent
- Customize
- List / Delete Consents for Person
- CIBA
- JARM
- SIOP
- User Claims (Attributes)
- Built-in claims
- Adding custom claims
- Claim uniqueness / validation
- Logout
- Front Channel
- Back Channel
- Customizing logout
- Forcing logout on browser exit
- WebCM based logout with Chrome
- OAuth features
- Password grant
- Device grant
- Client credential grant
- PKCE
- DPoP
- MTLS
- PAR
- UMA features
- overview
- RPT endpoint
- claims gathering endpoint
- Client Management
- Client schema (standard / custom)
- Client registration
- Client authentication
- Access tokens
- Refresh tokens
- Scopes
- Redirect URIs
- Grant Types
- Software Statements
- Sector Identifier
- International
- Web Pages (Login, Consent etc)
- Client Configuration
- Scope descriptions
- Reporting / Metrics
- Health
- Monthly active users
- Failed / Successful authentications
- Tokens issued
- Counts of Users, Clients
- Logging
- Standard logs
- Log Levels
- Audit logs
- Custom logs
- log4j2 configuration
- Configuration
-
Developer Guide
- Agama
- Interception Script Overview
- Testing / Debugging scripts
- External Libraries
- Front Channel Scripts
- Back Channel Scripts
- Customization
- Message files
- Error Pages
- Login / Consent Pages
- Internationalization (language support)
- Scripts
- Person Authentication
- Consent Gathering
- Post Authentication
- id_token
- Resource Owner Password Credentials
- CIBA End User Notification
- OpenID Configuration
- Dynamic Scope
- Spontaneous Scope
- Application Session
- End Session
- Client Registration
- Introspection
- Update Token
- Revoke Token
- ID Generator
- UMA RPT Policies
- UMA Claims Gathering (Web Flow)
- UMA Claims (JWT Transformation)
- SCIM
- Persistence
- Config API
-
Reference
- OpenAPI Documentation
- Database Schema / Operational Basics
- LDAP
- Schema
- Configuration
- Operation
- Namespace Diagram (DIT)
- Couchbase
- Schema
- Configuration
- Operation
- Buckets
- MySQL
- Schema
- Configuration
- Operation
- Spanner
- Schema
- Configuration
- Operation
- Postgres
- Schema
- Configuration
- Operation
- Converting data (e.g. from LDAP to MySQL)
- LDAP
- JSON Configuration / Properties
- Auth Server
- FIDO
- SCIM
- Client-API
- Config API
- Javadocs
- Command Line Interface (CLI)
- Interactive Mode
- Script Mode
- Authentication via Device Flow
- Kubernetes
- Config and Secret Keys
- Image Config Properties
- Config Init
- Auth Server
- Config API
- FIDO
- SCIM
- Client API
- Persistence
- Gluu Cert Manager
- Gluu OpenDJ
-
Jans Eleven Admin Guide
- Overview / Architecture
- Supported Algorithms
- Swagger
- How to Configure (properties?)
- Logs
- Monitoring (sig|enc operations / other stats?)
- Health
- Testing with SoftHSM
- Testing with Amazon CloudHSM
- Testing with Google Cloud Key Management
- Testing end-to-end with Auth Server
-
FIDO Admin
- Configuration
- Vendor metadata management
- Key management / rotation
- Logs
- Monitoring
- Support for USB authenticators
- Support for platform authenticators
- Support for Bluetooth authenticators
- SCIM Extension to Add/Delete device for Person
-
SCIM Admin Guide
- Configuration
- Logs
- Monitoring
- OAuth protection
- Security considerations
- Bulk adding users
- Adding Custom Attributes
-
Client API Admin Guide
- OAuth Features
- OpenID Connect Features
- UMA Features
- SIOP Features
- Swagger
- Configuration
- Logs
- Monitoring
- Key management
- SDKs
- Java
-
Config API Admin
- Swagger
- Configuration
- Security
- Logs
- Monitoring
- Plugins
-
Janssen Recipes
- Returning Group / Role User information
- Passwordless
- Forcing re-authentication
- Web Applications
- Mobile Applications
- Single Page Applications
- Impersonation
- Social Login
- Inbound SAML
- Registration
- Password Expiration
- Temporarirly locking or permanently disabling accounts
- Forgot Password
- SMS
- Adaptive Authentication
- API Access Control
- Access tokens: reference tokens versus value tokens (aka JWT's)
- Client Credential Grant Flow
- Using scopes to manage extent of Access
- Adding user claims into access tokens
- Software Statements: trusted client registration
- Using OAuth with API Gateways
- Using OPA and access tokens
- Swagger / OpenAPI best practices for security
- FAPI
- Open Banking Requirements / Federation Operator Role
- Client Registration
- FAPI Authentication Request
- Custom Web Development
- Protecting a website with mod_auth_openidc
- AppAuth iOS
- AppAuth Android
- AppAuth JS
- Node
- React
- React Native
- Angular
- Spring Boot
- Django
- Flask
- ASP .Net
- SAML
- SSO with SAML SP's
- Shibboleth IDP with Gluu Server 4
- SimpleSAML PHP
- Federation with SAML IDPs
- SAML IDP Initiated Authentication
- SSO with SAML SP's
- Applications
- Rancher
- Rocket
- NextCloud
- Wordpress
- Magento
- Teleport
- Moodle
- Drupal
- Kafka
- SaaS provider
- Office365
- Amazon AWS
- Salesforce
- Zoom
- Webex
- Jira
- Docusign
- Passport-JS
- Gluu Casa
- FAQ
-
Upgrade Guide
- VM
- Version upgrade paths
- Backup
- Rollback
- Kubernetes
- Version upgrade paths
- Backup
- Rollback
- FAQ
- VM
- ** Janssen Project Developer **
- Implementation Design
- agama
- fidowallet
- jans-auth-server
- jans-cli
- jans-client-api
- jans-config-api
- jans-core
- jans-eleven
- jans-fido2
- jans-notify
- jans-orm
- jans-scim
- CI-CD
- Jenkins CI (Current)
- Github CI (Up coming)
- Release process
- FAQ
- Implementation Design