{ "componentChunkName": "component---src-templates-docs-js", "path": "/admin/2-authentication/12-certificateauth", "result": {"data":{"site":{"siteMetadata":{"title":"OpenIAM Documentation v2026.5.1 | OpenIAM","docsLocation":""}},"mdx":{"fields":{"id":"10b2eb8f-7eb8-5826-a2f5-f3770270b077","title":"Configuring certificate-based authentication","slug":"/admin/2-authentication/12-certificateauth"},"body":"var _excluded = [\"components\"];\n\nfunction _extends() { _extends = Object.assign || function (target) { for (var i = 1; i < arguments.length; i++) { var source = arguments[i]; for (var key in source) { if (Object.prototype.hasOwnProperty.call(source, key)) { target[key] = source[key]; } } } return target; }; return _extends.apply(this, arguments); }\n\nfunction _objectWithoutProperties(source, excluded) { if (source == null) return {}; var target = _objectWithoutPropertiesLoose(source, excluded); var key, i; if (Object.getOwnPropertySymbols) { var sourceSymbolKeys = Object.getOwnPropertySymbols(source); for (i = 0; i < sourceSymbolKeys.length; i++) { key = sourceSymbolKeys[i]; if (excluded.indexOf(key) >= 0) continue; if (!Object.prototype.propertyIsEnumerable.call(source, key)) continue; target[key] = source[key]; } } return target; }\n\nfunction _objectWithoutPropertiesLoose(source, excluded) { if (source == null) return {}; var target = {}; var sourceKeys = Object.keys(source); var key, i; for (i = 0; i < sourceKeys.length; i++) { key = sourceKeys[i]; if (excluded.indexOf(key) >= 0) continue; target[key] = source[key]; } return target; }\n\n/* @jsxRuntime classic */\n\n/* @jsx mdx */\nvar _frontmatter = {\n \"title\": \"Configuring certificate-based authentication\",\n \"metaTitle\": \"Configuring certificate-based authentication\",\n \"metaDescription\": \"This section describes how to configure certificate-based authentication\"\n};\nvar layoutProps = {\n _frontmatter: _frontmatter\n};\nvar MDXLayout = \"wrapper\";\nreturn function MDXContent(_ref) {\n var components = _ref.components,\n props = _objectWithoutProperties(_ref, _excluded);\n\n return mdx(MDXLayout, _extends({}, layoutProps, props, {\n components: components,\n mdxType: \"MDXLayout\"\n }), mdx(\"p\", null, \"This section provides instructions on how to configure certificate-based authentication in OpenIAM.\"), mdx(\"p\", null, \"Begin by creating a Certificate Authority (CA) that will issue and sign the certificates used for authentication.\", mdx(\"br\", {\n parentName: \"p\"\n }), \"\\n\", \"You can create the CA using a Linux command prompt with commands such as the following:\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"openssl genrsa -out ca.key 2048\\nopenssl req -new -x509 -days 3650 -key ca.key -out ca.crt\\necho -n \\\"00\\\" > file.srl\\n\")), mdx(\"p\", null, \"Enter CA password (not less than 4 symbols) and CA info. For example:\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"Country Name (2 letter code) [AU]:US\\nState or Province Name (full name) [Some-State]:NY\\nLocality Name (eg, city) []:NewYork\\nOrganization Name (e.g., company) [Internet Widgits Pty Ltd]:OpenIAM\\nOrganizational Unit Name (e.g., section) []:development\\nCommon Name (e.g. server FQDN or YOUR name) []:*.openiamdemo.com\\nEmail Address []:admin@openiamdemo.com\\n\")), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"ca.key\"), \" is the private key and must be stored securely. It is used to sign client certificates. \"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"ca.crt\"), \" is the certificate that should be installed both in Apache and in the client\\u2019s browser. \"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"file.srl\"), \" stores the current serial number and must be incremented each time a new client certificate is signed.\")), mdx(\"h2\", null, \"Creating client certificate\"), mdx(\"p\", null, \"First, create sign request (CSR):\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"openssl genrsa -out user1.key 2048\\nopenssl req -new -key user1.key -out user1.csr\\n\")), mdx(\"p\", null, \"You will be prompted for key password and Certificate info. For example:\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"Country Name (2-digit code) [AU]:US\\nState or Province Name (full name) [Some-State]:NY\\nLocality Name (e.g. city) []:NewYork\\nOrganization Name (e.g. company) [Internet Widgits Pty Ltd]:OpenIAM\\nOrganizational Unit Name (e.g. section) []:development\\nCommon Name (e.g. server FQDN or YOUR name) []:user1\\nEmail Address []:user1@openiamdemo.com\\n\")), mdx(\"p\", null, \"Sign CSR using CA.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"openssl x509 -req -days 365 -in user1.csr -CA ca.crt -CAkey ca.key -CAserial file.srl -out user1.crt\\n\")), mdx(\"p\", null, \"Afterwards, use the PEM certificate in \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"curl\"), \" or from applications. To do so, you must create a PEM file that contains both the certificate and the key. If you want to use it without user interaction, you must also remove the PEM passphrase from the key.\"), mdx(\"p\", null, \"To remove the PEM passphrase from the key (if it exists) and combine \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"user1.crt\"), \" with the key that no longer has a passphrase, use the following:\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"openssl rsa -in user1.key -out user1.no_pass.key\\ncat user1.crt > user1.pem\\ncat user1.no_pass.key >> user1.pem\\n\")), mdx(\"p\", null, \"Now it is possible to usr \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"user1.pem\"), \" in \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"curl\"), \" requests (in \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"--cert parameter\"), \"):\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"curl -k \\u2014cert user1.pem https://lnx1.openiamdemo.com/webconsole/\\n\")), mdx(\"p\", null, \"Convert client certificate to \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"pksc12\"), \" format that can be used for import into browser.\\nThis only needed if you want to use client certificate from browser.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"openssl pkcs12 -export -clcerts -in user1.crt -inkey user1.key -out user1.p12\\n\")), mdx(\"p\", null, \"You will be prompted for \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Export Password\"), \".\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"Enter Export Password:\\nVerifying - Enter Export Password:\\n\")), mdx(\"p\", null, \"Generate and use your \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"new\"), \" Export Password here. You will need it to add your \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \".p12\"), \" certificate into the browser.\"), mdx(\"p\", null, \"The \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"user1.p12\"), \" and \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"ca.crt\"), \" files must be copied to the client\\u2019s computer and installed in the browser. Users will also need the Export Password to import \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"user1.p12\"), \" into the browser.\"), mdx(\"h2\", null, \"Configuring Apache\"), mdx(\"p\", null, \"This step is \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"only needed\"), \" if you want to use \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"client certificates from the browser\"), \". \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"HTTPS\"), \" should already be configured on Apache. To enable client certificate authentication, follow the steps below:\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Configure the CA bundle on the Linux machine with Apache installed. Do \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"not\"), \" overwrite \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"/etc/pki/tls/certs/ca-bundle.crt\"), \". Create a backup and use \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \">>\"), \" to append data instead of overwriting.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"openssl x509 -in ca.crt -text >> /etc/pki/tls/certs/ca-bundle.crt\\n\")), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Add or check that this line is already added in Apache \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"ssl\"), \" configurations.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt\\n\")), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Add the following configuration to your Apache Virtual Host file. This will instruct the client's browser to send the client certificate with requests.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"SSLVerifyClient optional\\n\")), mdx(\"div\", {\n style: {\n \"border\": \"1px solid #169998\",\n \"marginTop\": \"15px\",\n \"marginBottom\": \"15px\",\n \"paddingTop\": \"10px\",\n \"paddingBottom\": \"10px\",\n \"paddingLeft\": \"5px\",\n \"paddingRight\": \"5px\"\n }\n }, mdx(\"span\", {\n style: {\n \"color\": \"#169998\",\n \"fontWeight\": \"bold\"\n }\n }, \"Note\"), \" that Apache should be configured to use https to be able to send client's certificate to server. Otherwise, http will not work.\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Restart Apache.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"service httpd restart\\n\")), mdx(\"h2\", null, \"Configuring Authentication Provider\"), mdx(\"p\", null, \"Navigate to the current Authentication Provider in \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Access Control\"), \" > \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Authentication Providers\"), \", and enable Certificate-Based Authentication, as shown in the figures below.\"), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"1035px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/c70bef896da0ba8b37f999c7abb846db/d38ac/DefaultAuthProvider.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"26.25482625482626%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAFCAYAAABFA8wzAAAACXBIWXMAAA7BAAAOwQG4kWvtAAAAeklEQVQY052PawrDMAyDc/9DrrtBl7pp4keiYbNCNwor/fFhbCFbTjVn8LLAmGG9w8xuIyJIeXqCHhNkfkFUY3iGhsZYy3rov3VmRpozYasV/UI6NxFR1F/N/ZGwlA2qgjHGX9xUP8fPdF+cPOZ+/Qr7e0daa2CRePkNmQiJOXxDIyMAAAAASUVORK5CYII=')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Default Auth Provider\",\n \"title\": \"Default Auth Provider\",\n \"src\": \"/docs-2026.5.1/static/c70bef896da0ba8b37f999c7abb846db/e3189/DefaultAuthProvider.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/c70bef896da0ba8b37f999c7abb846db/a2ead/DefaultAuthProvider.png 259w\", \"/docs-2026.5.1/static/c70bef896da0ba8b37f999c7abb846db/6b9fd/DefaultAuthProvider.png 518w\", \"/docs-2026.5.1/static/c70bef896da0ba8b37f999c7abb846db/e3189/DefaultAuthProvider.png 1035w\", \"/docs-2026.5.1/static/c70bef896da0ba8b37f999c7abb846db/44d59/DefaultAuthProvider.png 1553w\", \"/docs-2026.5.1/static/c70bef896da0ba8b37f999c7abb846db/d38ac/DefaultAuthProvider.png 1744w\"],\n \"sizes\": \"(max-width: 1035px) 100vw, 1035px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"p\", null, \"Now, there are two options for mapping the certificate to a user principal:\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Add a Regular Expression to the Certificate\"), \": This will extract the principal from the matching group in the Regex.\", mdx(\"br\", {\n parentName: \"li\"\n }), \"Example: \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"CN=(.*?)\")), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Define a Custom Groovy Script\"), \": Use a script with custom logic to parse the certificate and determine the principal.\")), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"1035px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/cc1cee8ef48a399d0768ea04a15a7e7f/0f903/SupportCertificateAuth.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"76.44787644787644%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAPCAYAAADkmO9VAAAACXBIWXMAAA7BAAAOwQG4kWvtAAAAw0lEQVQ4y61Tuw4CMQzr//8kuhHE0BfNo70zSgSIFXKDlSqD6zhOGmNAdULnxForhDknUq0VtXUQC1QVU9XrrzAyEUEyhfb4l+gbTkhELnff9zB8ZKIBJoKKQIS9vt9rzd8JW2tgZm9EFvIh7L357O8t/btdq+ZjyqXBfIz6dxyHk6acK0rJEBZvhglFBWI5enkQRaqXDWPboNer/xKBKU35dscoGdr7OQoHEQaz37J4/mLwSzHm/ZWl8MilPj7BPsPDJ0V4nf+jTiBvAAAAAElFTkSuQmCC')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Supporting Certificate Auth\",\n \"title\": \"Supporting Certificate Auth\",\n \"src\": \"/docs-2026.5.1/static/cc1cee8ef48a399d0768ea04a15a7e7f/e3189/SupportCertificateAuth.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/cc1cee8ef48a399d0768ea04a15a7e7f/a2ead/SupportCertificateAuth.png 259w\", \"/docs-2026.5.1/static/cc1cee8ef48a399d0768ea04a15a7e7f/6b9fd/SupportCertificateAuth.png 518w\", \"/docs-2026.5.1/static/cc1cee8ef48a399d0768ea04a15a7e7f/e3189/SupportCertificateAuth.png 1035w\", \"/docs-2026.5.1/static/cc1cee8ef48a399d0768ea04a15a7e7f/44d59/SupportCertificateAuth.png 1553w\", \"/docs-2026.5.1/static/cc1cee8ef48a399d0768ea04a15a7e7f/0f903/SupportCertificateAuth.png 1719w\"],\n \"sizes\": \"(max-width: 1035px) 100vw, 1035px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Optional Step: Configuring CA Validation Script\")), mdx(\"p\", null, \"An example Groovy script for CA validation is \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"ExampleDefaultCACertCheck.groovy\"), \".\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"import org.openiam.am.cert.groovy.DefaultCACertCheck;\\nimport org.openiam.exception.BasicDataServiceException;\\nimport org.openiam.idm.srvc.auth.dto.Login;\\nimport org.apache.commons.lang.StringUtils;\\nimport org.openiam.base.ws.ResponseCode;\\nimport java.io.File; import java.nio.file.Files;\\nimport javax.security.cert.X509Certificate;\\n\\nclass ExampleCACertCheck extends DefaultCACertCheck {\\n public ExampleCACertCheck() { super(); }\\n public Boolean resolve() throws BasicDataServiceException {\\n try {\\n clientCert.checkValidity();\\n } catch (Exception ex) {\\n throw new BasicDataServiceException(ResponseCode.CERT_CLIENT_INVALID, ex.getMessage());\\n }\\n if (caCert != null) {\\n try {\\n caCert.checkValidity();\\n } catch (Exception ex) {\\n throw new BasicDataServiceException(ResponseCode.CERT_CA_INVALID, ex.getMessage());\\n }\\n try {\\n clientCert.verify(caCert.getPublicKey())\\n } catch (Exception ex) {\\n throw new BasicDataServiceException(ResponseCode.CERT_INVALID_VERIFY_WITH_CA, ex.getMessage()); }\\n } else {\\n throw new BasicDataServiceException(ResponseCode.CERT_CA_INVALID, ex.getMessage()); } return true; }\\n}\\n\")), mdx(\"h2\", null, \"Configuring Content Provider\"), mdx(\"p\", null, \"You can configure this in the Content Provider screen: \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Access Control\"), \" > \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Content Providers\"), \". Navigate to \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Authentication Levels\"), \" and add \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Certificate Authentication\"), \", as shown below.\"), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"819px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/c8a155b4675021e12f55bf6dd3978a6f/97655/AddAuthLevel.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"94.98069498069499%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAATCAYAAACQjC21AAAACXBIWXMAABYlAAAWJQFJUiTwAAACFklEQVQ4y5VUy47TQBDM/3/KSlzghODABST2BBxhnZeSrLOJH1l7PG8XqrbHCqwiOS11knmkuqu6exbGWtR1jaqq4IyBcw5N00AphRjjXW6sw6LTGtvtFrvdDt57aGMkAEHpDBBCmOUCqLXBfr/H8+GAPgRYawVIay2/GWQOWEyASnXIsgzLLIPVGj4EoeucRd/391O21ol+zITWaYuqbtF1ZjZV+iCXHTRcr9fI83wA7DoURSmUGXUu4ES5aVosn55gtBbAlH7fx7so8+5A2Q2UjTFjhgZl1Ygb4+Sy93OyHCnzoyxL+eOgoUFVK6hRw7Sf6DMTWgLiOkjQEZBVHawHr75UCtlyiWOeI4SIvGyx2axFU9rhcMBqtRIAstpsNjgej9Kv1vkBMGnFb1adGbMHaXV9kaZP67ZtJ0bMkEMQxqREQzNSPp/PEiXRuW5oBhJqtyhfT4pzXqIURSH+cjrhdDpJoeKMVokxSQawwFOVCcZM6VxfLhfJ+K1boR+Dx3Pxindf/+Dh0w88fP6FD48rLJz3sNaIwNfOInAEb3mnFOqmRV5c8PP9R/z+8g1F5wdAUqTYjGzGJyy9MpSDjwerS52pLc9YTN22OO93CO0rYDrZW7BpSS9pKO8iW8Da6W0kUHJm7ngWI1Seo3z8Dht7OAYwbgD831JVU0Vvnl+tkUaPlL3/V3gve36id+vMX+1z9Aj4F6Ljx/bGNRQfAAAAAElFTkSuQmCC')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Add Auth Level\",\n \"title\": \"Add Auth Level\",\n \"src\": \"/docs-2026.5.1/static/c8a155b4675021e12f55bf6dd3978a6f/97655/AddAuthLevel.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/c8a155b4675021e12f55bf6dd3978a6f/a2ead/AddAuthLevel.png 259w\", \"/docs-2026.5.1/static/c8a155b4675021e12f55bf6dd3978a6f/6b9fd/AddAuthLevel.png 518w\", \"/docs-2026.5.1/static/c8a155b4675021e12f55bf6dd3978a6f/97655/AddAuthLevel.png 819w\"],\n \"sizes\": \"(max-width: 819px) 100vw, 819px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"p\", null, \"If a warning appears about modifying default settings, click \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Yes\"), \".\"), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"328px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/88c8e377299f3211fe3ce8d6134af8ea/d5c60/AddAuthWarning.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"100%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAUCAYAAACNiR0NAAAACXBIWXMAABYlAAAWJQFJUiTwAAACcElEQVQ4y6VUTYvTUBTNDxLBhQs3int3woArd25m4UYEQQQRwUFEhAH9BTJ/weXgQtR2xjYZZ9LQJmmbtkm/04+0TZMj52YS+zGLig9u3kfuO++ce+97ynK5xHg8hu/7azYajeD7u1riH4YhFM9zEQQB4jjGauNBu1oURZjP5/BcF4rjOMJQVVVUKhUYhoFarYZ/bWTHfYppmpjNZphMJgJM6t1uVxjvamyLxQIkp1iWJYCbjTJ2NYJScr1eTyRz8r+NkgWQH9Kltdtt9Pv9zFqtFjzPQ6/Xw3A4hOu6Mu50OvKPoWFCU8kZINEpu1wuS2Cbzab01WpVnNhTSdoz7lynDQaDqwG5wHgSjEwbjYaMyTAFTo3/6MMxma8BOs5fyXTkom3bMqaklGEKQuNBlE/Z0+l0HdCybGHIxFAmnViPBKE0SkyZp+zSNc5XAaUOtbOSTKTSPU+c2HNTGk8eQtZkRUCuc05Q+m7EsIYwTACZFF3XZRNPTo2ZZOHTh3MWP3smkkBrDPnhhLIZM2aNm7dbDMQRsHHnt+qQ8bqqsLOrxZuQwGUW0S4fBdpGlh2hzs2rr4cYx9zsDxD9/Iro5Bui78eAWdoikF09flKGWxc/WiasyiXEb/cQvbgGfHqA0sf32H92gMdPX2P/ySuYtiP7sxhS/9XtMl5mBXh+E/EjBXh3Cz/evMT1O3u4e+8hbty+j1/qhbjZdjWRzBeXspnNNWOGwyWCuo3g6BDB5wPMjj5gePwFJauO8wsDulHBaDSWp08kswQ0TUMul0M+n982rp+eIv9bR/7cQO5Mx4mqQS0WoakqNLUofoVCQR6UP4WZ40DLaqUoAAAAAElFTkSuQmCC')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Warning\",\n \"title\": \"Warning\",\n \"src\": \"/docs-2026.5.1/static/88c8e377299f3211fe3ce8d6134af8ea/d5c60/AddAuthWarning.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/88c8e377299f3211fe3ce8d6134af8ea/a2ead/AddAuthWarning.png 259w\", \"/docs-2026.5.1/static/88c8e377299f3211fe3ce8d6134af8ea/d5c60/AddAuthWarning.png 328w\"],\n \"sizes\": \"(max-width: 328px) 100vw, 328px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"p\", null, \"Add \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Certificate Authentication\"), \" with the steps described below.\"), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"763px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/5519500a1b2c3e7106e282ec8a8f4f9c/5e3a3/AddCertAuth.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"50.965250965250966%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAKCAYAAAC0VX7mAAAACXBIWXMAABYlAAAWJQFJUiTwAAABe0lEQVQoz42S3W6cMBCF/f5vkbdoLiKtGqlVetGb9iK5yYqFXdjYYAz+Af9wqjFZxN5ERfrEyB6fY88MG4YBVVWhruuNpmnQdR1SSogx/hcprX9mrYWUEiS8R2uNeZ43pmna2K+vTDBugvceLIRwd8A5lyEjY0yG4r3g3Z5zee216mDcDDaOI67X6yZG4mRyg54xKIVTUaAqS1zOZzhrEbxHjAEtF2iFQEgp5zNyoZoJIcA5h1Lq7sYUD9qg4QJXLtBwDm0dfIgIANqf39H9/oU5xmzC6EDf9xtUT2rIjbbvYS4l/Okd/lzAVwWm0xFz+Q5XVliOT9CPD7DHEgsA9mX3QkAC4F//oDk8on55xuXHAR8vz5je/kIeviFohSVFpNzpBLYspPv1F72H4h+wqofpJdyggODRC44Q4pa3pGV98q2TBBWWnPaEGNFKCW0ttLGIn5eQn/VeKC+uuYzqVBTFOtRNDWtNFqWZ2kOmehzzjNI0ZEEpc7zP/weJrgMlJ6GMHgAAAABJRU5ErkJggg==')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Add CertAuth\",\n \"title\": \"Add CertAuth\",\n \"src\": \"/docs-2026.5.1/static/5519500a1b2c3e7106e282ec8a8f4f9c/5e3a3/AddCertAuth.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/5519500a1b2c3e7106e282ec8a8f4f9c/a2ead/AddCertAuth.png 259w\", \"/docs-2026.5.1/static/5519500a1b2c3e7106e282ec8a8f4f9c/6b9fd/AddCertAuth.png 518w\", \"/docs-2026.5.1/static/5519500a1b2c3e7106e282ec8a8f4f9c/5e3a3/AddCertAuth.png 763w\"],\n \"sizes\": \"(max-width: 763px) 100vw, 763px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \"), \"\\n\", mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"756px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/2b87b5be928a6b4d68ecf64d8ad08d37/8ae3e/SaveCertAuth.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"41.31274131274131%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAICAYAAAD5nd/tAAAACXBIWXMAABYlAAAWJQFJUiTwAAABFklEQVQoz4WQzU6EQBCE58l9AE++gwdv3rz4JuqNLCwzy8/sAvMPZWqyoCFEJ/kCVPc01SW6rkNRFDidTpmyLFGWFajP84wYI1JK/zLPCSlGCGsNhmHANE0YxzHDd2MMvPdwzv3gXdZ+Q907h9tk4XyAoMjLR3DwOnyvbRgDmvosOwzGQWit0bZtts311hX55MprJFVVQSm19eT6sqCRF6hLgwXImuC65/MZUkrUdY2+72Gt3Rzxu5YSUqpcZz9XZI8LEf3rC/T7G4yxCCFAMLOmabITOt2j9RWq0VAXDal6tN0NnlnGgLG7wjw/on96QPvxBZ8SBG3ug97DPx/C+nVAsA7hHpNgTjzLsuDoUP8T9tz7OOsbavlpob/12YQAAAAASUVORK5CYII=')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Save CertAuth\",\n \"title\": \"Save CertAuth\",\n \"src\": \"/docs-2026.5.1/static/2b87b5be928a6b4d68ecf64d8ad08d37/8ae3e/SaveCertAuth.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/2b87b5be928a6b4d68ecf64d8ad08d37/a2ead/SaveCertAuth.png 259w\", \"/docs-2026.5.1/static/2b87b5be928a6b4d68ecf64d8ad08d37/6b9fd/SaveCertAuth.png 518w\", \"/docs-2026.5.1/static/2b87b5be928a6b4d68ecf64d8ad08d37/8ae3e/SaveCertAuth.png 756w\"],\n \"sizes\": \"(max-width: 756px) 100vw, 756px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"p\", null, \"Enabling Certificate-Based Authentication for a specific URI pattern can be done in the \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"URI Pattern\"), \" screen.\"), mdx(\"h2\", null, \"Configuring Client's browser\"), mdx(\"p\", null, \"Users need to copy \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"user1.p12\"), \" and \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"ca.crt\"), \" files to their local computer and install them in the browser. The browser checks \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"user1.p12\"), \" using \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"ca.crt\"), \" before sending it in requests.\"), mdx(\"h3\", null, \"Installing ca.crt in browser\"), mdx(\"p\", null, \"Go to the certificates configuration as shown below.\"), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"1001px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/103ddb816425c4195cdeb21a1982209c/6acbf/CertificatesConfig.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"71.42857142857143%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAOCAYAAAAvxDzwAAAACXBIWXMAABYlAAAWJQFJUiTwAAACI0lEQVQ4y22T23KbMBCG/f4P1qu2k2aStBPbHIQwZyQQAkk4/J0VxsEzvvhHK6H99qDlEIXBwnmCNOVLWRaIWIJTlCBOc/CixjFiiBgDYzEYYyiKHHSvKFaRXZbFkucZsixbDnEU4ng6LqfzCWVRoGInlPER0csvXD5ewf78RhWeofUApXr0fYeu69D3PaSUBAHBgjBYKOjBWrfMbgat02RgrIXRGlYKGClhpIBVCsZYL2uMl5kmKEVBFKbJLM7NqOp6OWg9oiwr/3F1sDDuCqk0hOwge4WWVikhRAcxWIjBoR0cjHWUiNc8X1HXDQ5q0IjiGI2QcPMV9voF2SnkeQnVK+hBY9hJmxnaXKGmGdMta6qMMlyBwRnhj59o3z8g/v7D+P6KIuUIoxhtKyCERNO03vaqazR1DdGKtSLr/Dq7W4Yyy3F8eUNxOntN2QVVUSKOE3CeesUxQ8ISpFkBXkqU9RpgD3QbkNLW44jRWIyTgZ2/fCkEOZ8DMJYgCEJkWe5bIboBvdK+ZxvsAWh3jb1Hs+72ggP6Xt1FPe27dWz22T0At4PvDzMulwyfn0dUVQ2aAgJ3Xe+13Xnm9xRIUekh8pz+hNKXSo9CGe6Bbp3du00taJpbydvBZhOA+hdFMZKEQ8ruoXzaE3wcp3sg8qXgPkM6pKzIiYB0gUA08JvDXgT0PVUDOL/4SSB4wvk3kC7R4O4bvS/pmWigt4C0T9ML/gMscyt0Hg+q8wAAAABJRU5ErkJggg==')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Certificates Config\",\n \"title\": \"Certificates Config\",\n \"src\": \"/docs-2026.5.1/static/103ddb816425c4195cdeb21a1982209c/6acbf/CertificatesConfig.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/103ddb816425c4195cdeb21a1982209c/a2ead/CertificatesConfig.png 259w\", \"/docs-2026.5.1/static/103ddb816425c4195cdeb21a1982209c/6b9fd/CertificatesConfig.png 518w\", \"/docs-2026.5.1/static/103ddb816425c4195cdeb21a1982209c/6acbf/CertificatesConfig.png 1001w\"],\n \"sizes\": \"(max-width: 1001px) 100vw, 1001px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \"), \"\\n\", mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"1001px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/451e5bd37a79bf163bace2476332dc1c/6acbf/Authorities.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"71.42857142857143%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAOCAYAAAAvxDzwAAAACXBIWXMAABYlAAAWJQFJUiTwAAACLklEQVQ4y3WSiXLaMBCG/f4P1WM6TSCQ0HLYSspNwHZ8yPi2DPo6Fkmm0wTNfNodabX7S1rrebfTnu/h+76WccTeddnsPfZBhC+PrDrfdTkcDhzcA3EcfYaOopAwDLQ1HAy47d3qXq/HbDrFvr/FHvUZfvvC+OcPRt+/In49sNluWK9WLBYLw3K5YD7/w2QyZjqdcHfX16PRA5Zt21oIgRBC27aN8adTxKCPuB/g9G8Y3tzQHwwZ3t/TxXyCfrNWXTeUVUVRljRKUZYVTXuiriryxynx4ol8+YeqKCjKCqVa2vY6VpbnxPJIFEuOaUYYSWSSIoOQVW/A7O43/symrWva9oRSiqa5jiWlJAgCQywlcdwRX6xMkLEkjCVJkryTpelVLJkkbDZb1usNQRiS5YVRmhcF3XNUdUPdqFf1MWmaUVU15RWsbgoiifcS4net8kpZK5r2TK1OqJMmTlI8P6AoG1SradTZ7P+P1VVeb3bMl2vmixWL5Zrd3iXNCuqmNQm7QHnMTKG8qGjUyax/xkVhGJvqe9fD9Xye9y5BFL8f7BRG8ojrvZiEqlPTFfoEKzmmuH5gFFS1omxaqqa9XOGkLwnbM1lemmsXVXNVnVGY54VR2D24THNy3+P4JEjnT+QvPllZkxelaSf/5fJplendj3SCLK01b+PUuWmC2i4577eQysuG1vwbd23os8aazWY4joNtO8Y64hEhHnGEML5ZM4h3v4v9gOMwHk/4CzMrHm+fZ3+xAAAAAElFTkSuQmCC')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Authorities\",\n \"title\": \"Authorities\",\n \"src\": \"/docs-2026.5.1/static/451e5bd37a79bf163bace2476332dc1c/6acbf/Authorities.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/451e5bd37a79bf163bace2476332dc1c/a2ead/Authorities.png 259w\", \"/docs-2026.5.1/static/451e5bd37a79bf163bace2476332dc1c/6b9fd/Authorities.png 518w\", \"/docs-2026.5.1/static/451e5bd37a79bf163bace2476332dc1c/6acbf/Authorities.png 1001w\"],\n \"sizes\": \"(max-width: 1001px) 100vw, 1001px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"p\", null, \"Import \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"ca.crt\"), \" into \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Authorities\"), \".\"), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"559px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/bf69eff3070e94b3da2fec2d63fe4a2d/a65ce/SelectCA.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"66.79536679536679%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAANCAYAAACpUE5eAAAACXBIWXMAAAsTAAALEwEAmpwYAAAB4klEQVQ4y6WSzYvTQBiH8y968+JJT4L6P4iuB1HUi0gLynrY82JBd6Vq1xWlsum6iM1H89HJxzRJ0yYzSValmZ/MVFA8CN0NPLyZl8yT98eMlkZea37VkYSuaMoMoWeBBh4838fYMDA2TTiuC8O0YFoW7IkD07IRhBEojfBJP8Hl7lhceHiC68/NVnvat9HZ+ya6+ya2B1N0+x52hwFoHIMVC3yvOX6eVjitGbKEYjFP8KNZ94pFihmNoFsxBiNHHFshtCvPXHFjh+DaDhGXOhNcfDLB1W0Hnf4U9/di3H1FcasXYasX4d7LADd3CW73YsWdXogHrykev6Hi0X6IrRdEaDGNMXEckCBA0zSoKo40LzDyOT7YHAdmiXdGiYHJ8NGpcGAxtZa8t5j65tBmOLQ53hoMWpJQEOIjDAnkO+cMTc1x1keb53MQQuB6LgiZgrESnHOsVi1aIbBqN0NbLhcIwwCOM1FCOaGM3bat+qMQYrMJk2QG13Uga9PU5xfGcQTPcxEEBGVZKJmMfC6h73sq7h8hU0Ip2xRtNqMqspywrisllJz5lLMsxZoEabpGrotiiaIoftd/Wffn8wyp2psp8jyHRmkMGVvWv5G9/yFvxvGXEYafhzjSj6CPdBjGGL8AiujKHCylWtUAAAAASUVORK5CYII=')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Select CA\",\n \"title\": \"Select CA\",\n \"src\": \"/docs-2026.5.1/static/bf69eff3070e94b3da2fec2d63fe4a2d/a65ce/SelectCA.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/bf69eff3070e94b3da2fec2d63fe4a2d/a2ead/SelectCA.png 259w\", \"/docs-2026.5.1/static/bf69eff3070e94b3da2fec2d63fe4a2d/6b9fd/SelectCA.png 518w\", \"/docs-2026.5.1/static/bf69eff3070e94b3da2fec2d63fe4a2d/a65ce/SelectCA.png 559w\"],\n \"sizes\": \"(max-width: 559px) 100vw, 559px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"p\", null, \"Install \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"user1.p12\"), \" into \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Your Certificates\"), \".\"), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"1001px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/c4465a621c7ad7f399540e9509bbd41d/6acbf/YourCertificates.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"69.88416988416989%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAOCAYAAAAvxDzwAAAACXBIWXMAABYlAAAWJQFJUiTwAAAByklEQVQ4y7WS23KbMBCG9f7vVScYDCRjWjexqT3jEwgQIIQkwPo7EnEmN82Vy8w3u8v+Oqx2SZ5lpqxKVFVl6prhSkucrhRZUSEvGbbpAYfDAWmaYr/fo5q1n9g1jDFj/1NKDXmNY0RRZF5eYvxJd9gmEd43a6yTn3jfbvFrs3EbFpQiy644n884n0/Onk5H7HZbpOkOSZKYt7ffIEEUmyCM4IeRWUUx4pWPOFwhCAL4vg/P8/BjscBi8YTnZw9hGNkLOMIwdLogCIzVLZdLQ8RxjzvS2k6glwpSSkip0HUCjNWoKoaK1eh7+ZGbUUpBKgWltPNJFq6QPK2wXvg4eh7qokDLBZqWo+UdypJBa41pmjCOE4ZhxDAMX/iI9QwpigrH49VxueSgZYWMlrjmBTJaIKclWN2Ad/MhFuvfuR98j0njbtM6eildSUL0aJrGIYSA6Pu59Lq2HXW+1czPwdBy7mKrJXoY8ciPSD04xxjzEIj6Xxs+rOReaYzTzWHfcxhv0PfxoDn05YSxbaA/NN8x3QyIHU7bIaU1OOdumG37RduAr2Ow1xBqvwOXys3jMI7/xA43sa22QjvlX63D5kQH1fefue9oW46/b4cvqRODUTUAAAAASUVORK5CYII=')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Your Certificates\",\n \"title\": \"Your Certificates\",\n \"src\": \"/docs-2026.5.1/static/c4465a621c7ad7f399540e9509bbd41d/6acbf/YourCertificates.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/c4465a621c7ad7f399540e9509bbd41d/a2ead/YourCertificates.png 259w\", \"/docs-2026.5.1/static/c4465a621c7ad7f399540e9509bbd41d/6b9fd/YourCertificates.png 518w\", \"/docs-2026.5.1/static/c4465a621c7ad7f399540e9509bbd41d/6acbf/YourCertificates.png 1001w\"],\n \"sizes\": \"(max-width: 1001px) 100vw, 1001px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \"), \"\\n\", mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"559px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/205448e0eff27dc40962570404f19ad8/a65ce/SelectUser1.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"66.79536679536679%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAANCAYAAACpUE5eAAAACXBIWXMAAAsTAAALEwEAmpwYAAAB4ElEQVQ4y52Ty27TQBiF/Yi8A0uqsmNRgXgBJF6AVdWyQNw2vAJCQrEbGikX2zP22PEtcWKPx2lC6znoHze0ygIpjPTpjEfj4/9mi3PWOY4Dz3O1lBJN0xiUUuBBgOlsBsYY/Hs830dd12jbFsk8wo/BEE/fjfWTt1c4PZ90lhABXHemwzBAWZZYr1dYrVbI8xxCCERxhCRJEEUCjDOzpw+TYVVVyPICA7fA93Gmh2wBa7EotBAhvaClrKBUA9VIhNyHY//E8MrGZDyC505w/ctGkSVAd4uDpfdq5XkGii5NE9zcbIxhLSVYlCMpFUr1Gwu5xVLuUKpbo8uGznaIixrzhTT3ZiJHkK5hZVmKIOCgKNM0xaaV4OkKb74FOPsk8PprjFdfIjx/H+DZBcfJZQ/tTy85Xn4WePEhxNnHECcXDFZZLk19OGfGtJE1JDVle4d216El3d6hOUAZOnPnsVrUhDiO4Pteb9hIk/ZDWY5bpoaM+SDdbNq/hl3XQWtAa30UVpLMTbqUdl33XaY5JEPTNn1cpMZw35QHQ3kfoT4+QuoypUwRtq3q59DU8P8WDTZ6chRFDz1X1dr8Cb0e0p/v7xL0lxEWDTSlTfoYOvsXNBmOY8O2B4bR6BrT6QR/AIUtz1QaBM8/AAAAAElFTkSuQmCC')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Select User1\",\n \"title\": \"Select User1\",\n \"src\": \"/docs-2026.5.1/static/205448e0eff27dc40962570404f19ad8/a65ce/SelectUser1.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/205448e0eff27dc40962570404f19ad8/a2ead/SelectUser1.png 259w\", \"/docs-2026.5.1/static/205448e0eff27dc40962570404f19ad8/6b9fd/SelectUser1.png 518w\", \"/docs-2026.5.1/static/205448e0eff27dc40962570404f19ad8/a65ce/SelectUser1.png 559w\"],\n \"sizes\": \"(max-width: 559px) 100vw, 559px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"p\", null, \"You will also need the \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Export Password\"), \" that you used when creating the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \".p12\"), \" file.\"), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"566px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/e34f3a96631efa2d65894976cb355bc7/6fe44/VerifyExportPassword.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"32.818532818532816%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAHCAYAAAAIy204AAAACXBIWXMAAAsTAAALEwEAmpwYAAABI0lEQVQoz4WRXU/DIBSG+///mfHCqCvls7TQFgZOTcai6zZeU6rLLjRePHnOOXk5IVCllJBSyvv9Hrcsc2MtGOdQqgVpKLgQCDHikBJ+yefd7hWVcy577xBjRAgBMYbVLxHjOKDrOhhroDtdaufW7DUXf4jw3udKtRJaq9w0BIw1oLQprusNGKPgnIJSAik5hGAQnGHJErKBELyYkHpxXs5Vw2AwThOY6sG1BdemUPrWgLXf9TJvDYS2paeqh+gsWNuvlHyPKmwd+tEjvB9wPGd8zJeV000939YXHM/AfAE+T/nKKQNvhxmV9xPGaVm6hZnCv3SjL7dspIbsB2jriqns0NqpfAqWpVs/Ff+JWzPW9iD1M+7v78rbaq2Knx4foCTHF81rBGD/WjjQAAAAAElFTkSuQmCC')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Verify Export Password\",\n \"title\": \"Verify Export Password\",\n \"src\": \"/docs-2026.5.1/static/e34f3a96631efa2d65894976cb355bc7/6fe44/VerifyExportPassword.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/e34f3a96631efa2d65894976cb355bc7/a2ead/VerifyExportPassword.png 259w\", \"/docs-2026.5.1/static/e34f3a96631efa2d65894976cb355bc7/6b9fd/VerifyExportPassword.png 518w\", \"/docs-2026.5.1/static/e34f3a96631efa2d65894976cb355bc7/6fe44/VerifyExportPassword.png 566w\"],\n \"sizes\": \"(max-width: 566px) 100vw, 566px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"p\", null, \"Check that the user certificate was successfully added.\"), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"1001px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/a6d069f8ae98144214fe27cf4dc3ef7f/6acbf/UserCertificateAdded.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"71.42857142857143%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAOCAYAAAAvxDzwAAAACXBIWXMAAAsTAAALEwEAmpwYAAAB7ElEQVQ4y62TWW/bMAyA/f9/1h7atDmKNomPxGfsOEkty0cSn6m/QR4aDEO3vZTAB5IiJVEQqUVhOBxPR06n05DJlP3hSBAd2B/fOQmJt4vY7/fEcUx8iJEy/YohTQVCJIM2m055nDwOk8mE9WqFPn9Af5szm815fX1lsZhjmgZBEOB7Ho7jjLiug21vWS7fWK2WPD8/DS8vCzTdMAbLsrAsazAMA9M0R5Rt6Abr9ZrpbM7T85TZfIGu618xfGrter2S5zlZllNVFVXd0LYtTdPSth2Xa0VV1Xe6rqfv/452EAUr752le8I/SGSWk+XFSF6UJEJS1zV9fxs3qAPVRZ/86WtZUSBEihCCNJVIKRFpSpIkJIlAyoy8KDifz2RZhswkZVmOvkK97u5fLmi552A//EBYOk20ow4DroGLMNdIyyDbWqOvKJwNpWtT7Tzq0OfsOyTGmmxrUoU+lbtBa3Ye5cagCjy6fThS73wKe0PpbMm31ui3UUATBvRxdM9rdj6lveHsbuniiN420dq+5ztFUz+qZBiGb0Hruu57K1S9p9pCVarspmkoxl+9cLlcKYpyXFMxdfm/GPvws1Qlt9tt1HXdjAnqINX4Kv7x8fHf6lSOpkbrPmrGL22a1n0Elf17TNe/RsWWyyU/AWNmIms0IhZEAAAAAElFTkSuQmCC')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"User Certificates Added\",\n \"title\": \"User Certificates Added\",\n \"src\": \"/docs-2026.5.1/static/a6d069f8ae98144214fe27cf4dc3ef7f/6acbf/UserCertificateAdded.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/a6d069f8ae98144214fe27cf4dc3ef7f/a2ead/UserCertificateAdded.png 259w\", \"/docs-2026.5.1/static/a6d069f8ae98144214fe27cf4dc3ef7f/6b9fd/UserCertificateAdded.png 518w\", \"/docs-2026.5.1/static/a6d069f8ae98144214fe27cf4dc3ef7f/6acbf/UserCertificateAdded.png 1001w\"],\n \"sizes\": \"(max-width: 1001px) 100vw, 1001px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"h2\", null, \"Changes in v.2016.1.1\"), mdx(\"p\", null, \"In order to fix the undesired behavior of browser, the following changes were made to \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"mod_ssl\"), \" plugin of OpenIAM. \"), mdx(\"ol\", null, mdx(\"li\", {\n parentName: \"ol\"\n }, \"In \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"/usr/local/apache2/conf/extra/openiam.conf\"), \" or \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"/etc/httpd/conf.d/mod_openiam_ssl.conf\"), \", find \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"\\u201C/\\u201D Location\"), \" and add. For this setup to work rProxy \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"must be running with SSL enabled\"), \".\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"OPENIAM_CertPromptUrl /idp/auth-cert\\n\")), mdx(\"ol\", {\n \"start\": 2\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, \"And create a separate location in the configuration file.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"\\n SetHandler openiam-cert-redirect-handler\\n SSLVerifyClient require\\n SSLVerifyDepth 10\\n AuthType none\\n Require all granted\\n\\n\")), mdx(\"ol\", {\n \"start\": 3\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, \"Restart \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"https\"), \".\")), mdx(\"h2\", null, \"Finishing Steps\"), mdx(\"p\", null, \"Restart the browser, then navigate to a URL configured for \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Certificate Authentication\"), \". The client certificate will be sent to the server.\"), mdx(\"p\", null, \"Click \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"OK\"), \" when prompted to send your certificate to the server.\"));\n}\n;\nMDXContent.isMDXComponent = true;","tableOfContents":{"items":[{"url":"#creating-client-certificate","title":"Creating client certificate"},{"url":"#configuring-apache","title":"Configuring Apache"},{"url":"#configuring-authentication-provider","title":"Configuring Authentication Provider"},{"url":"#configuring-content-provider","title":"Configuring Content Provider"},{"url":"#configuring-clients-browser","title":"Configuring Client's browser","items":[{"url":"#installing-cacrt-in-browser","title":"Installing ca.crt in browser"}]},{"url":"#changes-in-v201611","title":"Changes in v.2016.1.1"},{"url":"#finishing-steps","title":"Finishing Steps"}]},"parent":{"relativePath":"admin/2-authentication/12-certificateauth.md"},"frontmatter":{"metaTitle":"Configuring certificate-based authentication","metaDescription":"This section describes how to configure certificate-based authentication"}},"allMdx":{"edges":[{"node":{"fields":{"slug":"/admin","title":"Administration guide"}}},{"node":{"fields":{"slug":"/appendix","title":"Appendix"}}},{"node":{"fields":{"slug":"/changelog","title":"Change log"}}},{"node":{"fields":{"slug":"/connectorconfig","title":"IdM Connectors"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice","title":"End user guide for SelfService portal"}}},{"node":{"fields":{"slug":"/ssocatalog","title":"SSO Catalog"}}},{"node":{"fields":{"slug":"/getting-started","title":"Getting Started"}}},{"node":{"fields":{"slug":"/troubleshooting","title":"FAQ / Troubleshooting"}}},{"node":{"fields":{"slug":"/developerguide","title":"Developer Guide"}}},{"node":{"fields":{"slug":"/whatsnew","title":"What's new in OpenIAM"}}},{"node":{"fields":{"slug":"/installation","title":"Installing OpenIAM"}}},{"node":{"fields":{"slug":"/admin/0-login","title":"Logging in to the admin portal"}}},{"node":{"fields":{"slug":"/admin/1-exportimport","title":"Import / Export"}}},{"node":{"fields":{"slug":"/","title":"Welcome to the OpenIAM Documentation"}}},{"node":{"fields":{"slug":"/admin/1-usradmin","title":"User administration"}}},{"node":{"fields":{"slug":"/admin/10-consent-management","title":"Consent management"}}},{"node":{"fields":{"slug":"/admin/10-password","title":"Password policy"}}},{"node":{"fields":{"slug":"/admin/12-administration","title":"Administration"}}},{"node":{"fields":{"slug":"/admin/13-selfregistration","title":"Self-registration"}}},{"node":{"fields":{"slug":"/admin/15-audit","title":"Audit"}}},{"node":{"fields":{"slug":"/admin/14-Help.Desk.User.Profile.Protection","title":"HelpDesk profile protection"}}},{"node":{"fields":{"slug":"/admin/18-services-passwd-change-k8","title":"Password update for OpenIAM services in Kubernetes"}}},{"node":{"fields":{"slug":"/admin/2-authentication","title":"Authentication"}}},{"node":{"fields":{"slug":"/admin/20-virtual-tentant-by-org","title":"Enabling a virtual tenant by organization"}}},{"node":{"fields":{"slug":"/admin/21-graph-rebuild","title":"Rebuilding OpenIAM's in-memory authorization graph"}}},{"node":{"fields":{"slug":"/admin/3-authz","title":"Managing access"}}},{"node":{"fields":{"slug":"/admin/22-token-session-util","title":"Session management utility for RPM"}}},{"node":{"fields":{"slug":"/admin/4-app-onboarding","title":"Application onboarding"}}},{"node":{"fields":{"slug":"/admin/16-admin-pswd-change","title":"Password reset for administrator's account"}}},{"node":{"fields":{"slug":"/admin/19-reports","title":"OpenIAM report services"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov","title":"Requests / Approval"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle","title":"Automated provisioning"}}},{"node":{"fields":{"slug":"/admin/8-sso","title":"Federation / SSO to applications"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy","title":"Access gateway"}}},{"node":{"fields":{"slug":"/appendix/1-self-signedcert","title":"Generate Self-signed Cert"}}},{"node":{"fields":{"slug":"/admin/7-access-cert","title":"User access review"}}},{"node":{"fields":{"slug":"/appendix/2-openssl","title":"Install OpenSSL"}}},{"node":{"fields":{"slug":"/appendix/4-prepforprod","title":"Prepare for Production"}}},{"node":{"fields":{"slug":"/changelog/12-Release-4.2.1.6","title":"Release 4.2.1.6"}}},{"node":{"fields":{"slug":"/changelog/13-Release-4.2.1.7","title":"Release 4.2.1.7"}}},{"node":{"fields":{"slug":"/changelog/14-Release-4.2.1.8","title":"Release 4.2.1.8"}}},{"node":{"fields":{"slug":"/changelog/11-Release-4.2.1.5","title":"Release 4.2.1.5"}}},{"node":{"fields":{"slug":"/changelog/15-Release-4.2.1.9","title":"Release 4.2.1.9"}}},{"node":{"fields":{"slug":"/appendix/3-installopenldap","title":"Install OpenLDAP on Ubuntu"}}},{"node":{"fields":{"slug":"/changelog/18-Release-4.2.1.12","title":"Release 4.2.1.12"}}},{"node":{"fields":{"slug":"/changelog/16-Release-4.2.1.10","title":"Release 4.2.1.10"}}},{"node":{"fields":{"slug":"/changelog/17-Release-4.2.1.11","title":"Release 4.2.1.11"}}},{"node":{"fields":{"slug":"/changelog/20-Release-4.2.1.14","title":"Release 4.2.1.14"}}},{"node":{"fields":{"slug":"/changelog/21-Release-4.2.1.15","title":"Release 4.2.1.15"}}},{"node":{"fields":{"slug":"/changelog/22-v2026.1.1","title":"Changelog for v2026.1.1"}}},{"node":{"fields":{"slug":"/connectorconfig/2-configparam","title":"Connector parameters"}}},{"node":{"fields":{"slug":"/connectorconfig/4-troubleshootingconnector","title":"Provisioning operations troubleshooting"}}},{"node":{"fields":{"slug":"/connectorconfig/JDBC","title":"JDBC connector"}}},{"node":{"fields":{"slug":"/connectorconfig/LDAP","title":"LDAP connector"}}},{"node":{"fields":{"slug":"/connectorconfig/SAPUME","title":"SAP UME connector"}}},{"node":{"fields":{"slug":"/connectorconfig/adp","title":"ADP connector"}}},{"node":{"fields":{"slug":"/connectorconfig/aerospike","title":"Aerospike connector"}}},{"node":{"fields":{"slug":"/changelog/19-Release-4.2.1.13","title":"Release 4.2.1.13"}}},{"node":{"fields":{"slug":"/connectorconfig/linux","title":"Linux connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft","title":"Microsoft Application Connectors"}}},{"node":{"fields":{"slug":"/connectorconfig/aws","title":"AWS connector"}}},{"node":{"fields":{"slug":"/connectorconfig/oracle","title":"Oracle RDBMS connector"}}},{"node":{"fields":{"slug":"/connectorconfig/oracleebs","title":"Oracle EBS connector"}}},{"node":{"fields":{"slug":"/connectorconfig/postgresql","title":"PostgreSQL connector"}}},{"node":{"fields":{"slug":"/connectorconfig/rexx","title":"Rexx connector"}}},{"node":{"fields":{"slug":"/connectorconfig/gsuite","title":"GSuite connector"}}},{"node":{"fields":{"slug":"/connectorconfig/scim","title":"SCIM connector"}}},{"node":{"fields":{"slug":"/connectorconfig/sap","title":"SAP S/4 Hana connector"}}},{"node":{"fields":{"slug":"/connectorconfig/scriptConnector","title":"Groovy Script connector"}}},{"node":{"fields":{"slug":"/connectorconfig/tableau","title":"Tableau connector"}}},{"node":{"fields":{"slug":"/developerguide/10-OpenIAM-opensource-rep","title":"OpenIAM open source repository"}}},{"node":{"fields":{"slug":"/connectorconfig/workday","title":"Workday connector"}}},{"node":{"fields":{"slug":"/developerguide/1-custom-css","title":"Customizing branding"}}},{"node":{"fields":{"slug":"/developerguide/3-whitelisting","title":"Whitelisting packages"}}},{"node":{"fields":{"slug":"/developerguide/4-scheduledtasks","title":"Batch/Scheduled tasks"}}},{"node":{"fields":{"slug":"/connectorconfig/freeIPA","title":"FreeIPA connector"}}},{"node":{"fields":{"slug":"/developerguide/5-datamodel","title":"Data model"}}},{"node":{"fields":{"slug":"/developerguide/2-api","title":"RESTful API"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization","title":"Synchronization Scripts"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/1-login","title":"Logging in to SelfService portal"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice","title":"Operations via SelfService portal"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/7-useraccess","title":"User access rights"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest","title":"Request management"}}},{"node":{"fields":{"slug":"/getting-started/1-what_is_openiam","title":"What is OpenIAM?"}}},{"node":{"fields":{"slug":"/getting-started/2-productarchitecture","title":"Platform architecture"}}},{"node":{"fields":{"slug":"/getting-started/3-install_openiam","title":"Installing OpenIAM"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/6-singlesignon","title":"Single sign-on"}}},{"node":{"fields":{"slug":"/getting-started/21-concepts","title":"Concepts"}}},{"node":{"fields":{"slug":"/getting-started/5-connecting","title":"Connecting to an authoritative source"}}},{"node":{"fields":{"slug":"/developerguide/6-ide","title":"Script development using an IDE"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding","title":"Application onboarding"}}},{"node":{"fields":{"slug":"/getting-started/7-selfservice-pswd","title":"SelfService password reset"}}},{"node":{"fields":{"slug":"/getting-started/31-planning-workforce","title":"Discovery questions"}}},{"node":{"fields":{"slug":"/getting-started/9-openiam-as-IdP","title":"Integrating OpenIAM as your IdP"}}},{"node":{"fields":{"slug":"/getting-started/8-openiam-with-IdP","title":"Integrating OpenIAM with your IdP"}}},{"node":{"fields":{"slug":"/getting-started/99-multifactor-authentication","title":"Configuring multi-factor authentication"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning","title":"Automated user provisioning"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation","title":"Deploying via RPM on Linux"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation","title":"Deploying to Kubernetes"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation","title":"Deploying on OpenShift"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation","title":"Deploying via Docker"}}},{"node":{"fields":{"slug":"/installation/8-sizing","title":"Sizing recommendations"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous","title":"Miscellaneous related articles"}}},{"node":{"fields":{"slug":"/ssocatalog/AWS","title":"AWS SSO"}}},{"node":{"fields":{"slug":"/ssocatalog/Gsuite","title":"GSuite SSO"}}},{"node":{"fields":{"slug":"/ssocatalog/Freshdesk","title":"Freshdesk SSO"}}},{"node":{"fields":{"slug":"/installation/9-data_migration","title":"OpenIAM data migration"}}},{"node":{"fields":{"slug":"/ssocatalog/Azure","title":"Azure SSO"}}},{"node":{"fields":{"slug":"/ssocatalog/Office365","title":"Office365 SSO"}}},{"node":{"fields":{"slug":"/ssocatalog/Salesforce","title":"Salesforce.com"}}},{"node":{"fields":{"slug":"/ssocatalog/okta","title":"Okta SSO"}}},{"node":{"fields":{"slug":"/troubleshooting/cluster","title":"Cluster"}}},{"node":{"fields":{"slug":"/troubleshooting/connectors","title":"Connectors"}}},{"node":{"fields":{"slug":"/troubleshooting/docker","title":"Docker Swarm"}}},{"node":{"fields":{"slug":"/troubleshooting/environment","title":"Environment"}}},{"node":{"fields":{"slug":"/troubleshooting/operational","title":"Operational"}}},{"node":{"fields":{"slug":"/troubleshooting/rpm","title":"RPM"}}},{"node":{"fields":{"slug":"/whatsnew/10-v4218","title":"New in v4.2.1.8"}}},{"node":{"fields":{"slug":"/whatsnew/1-v420","title":"New in v4.2.0.0"}}},{"node":{"fields":{"slug":"/whatsnew/12-v42110","title":"New in v4.2.1.10"}}},{"node":{"fields":{"slug":"/whatsnew/11-v4219","title":"New in v4.2.1.9"}}},{"node":{"fields":{"slug":"/whatsnew/16-v42115","title":"New in v4.2.1.15"}}},{"node":{"fields":{"slug":"/troubleshooting/v3_update","title":"Update from V3.X to V4.X"}}},{"node":{"fields":{"slug":"/whatsnew/15-v42113","title":"New in v4.2.1.13"}}},{"node":{"fields":{"slug":"/whatsnew/16-v422","title":"New in v4.2.2"}}},{"node":{"fields":{"slug":"/whatsnew/17-v2026.1.1","title":"New in v2026.1.1"}}},{"node":{"fields":{"slug":"/whatsnew/18-v2026.2.1","title":"New in v2026.2.1"}}},{"node":{"fields":{"slug":"/whatsnew/18-v2026.3.1","title":"New in v2026.3.1"}}},{"node":{"fields":{"slug":"/whatsnew/19-v2026.3.2","title":"New in v2026.3.2"}}},{"node":{"fields":{"slug":"/whatsnew/20-v2026.4.1","title":"New in v2026.4.1"}}},{"node":{"fields":{"slug":"/whatsnew/21-v2026.4.2","title":"New in v2026.4.2"}}},{"node":{"fields":{"slug":"/whatsnew/7-v4215","title":"New in v4.2.1.5"}}},{"node":{"fields":{"slug":"/whatsnew/8-v4216","title":"New in v4.2.1.6"}}},{"node":{"fields":{"slug":"/whatsnew/13-v42111","title":"New in v4.2.1.11"}}},{"node":{"fields":{"slug":"/whatsnew/22-v2026.5.1","title":"New in v2026.5.1"}}},{"node":{"fields":{"slug":"/connectorconfig/salesforce","title":"Salesforce.com connector"}}},{"node":{"fields":{"slug":"/admin/17-services-manual-passwd-change","title":"Manual password update for OpenIAM services in RPM"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/10-bulkoperations","title":"Bulk operations"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/1-createuser","title":"Creating a user"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/11-bulkentitlements","title":"Bulk operations with entitlements"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/12-externaldelegation","title":"Organization level delegation"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/13-unlock-account","title":"Unlocking an account"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/14-add-remove-entitlements","title":"Adding/Removing entitlements"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/16-user-conversion","title":"User conversion"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/18-creating-new-dept-division","title":"Creating a new department or division"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/17-newhireworkflow","title":"New hire workflow configuration"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/2-usertypes","title":"Custom user types"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/15-rehireuserflow","title":"Rehire user flow"}}},{"node":{"fields":{"slug":"/whatsnew/14-v42112","title":"New in v4.2.1.12"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/6-relatedAccount","title":"Related accounts"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/5-finduser","title":"User search"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/8-serviceaccounts","title":"Service accounts"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/9-orphanmanagement","title":"Orphan management"}}},{"node":{"fields":{"slug":"/whatsnew/9-v4217","title":"New in v4.2.1.7"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/7-customfields","title":"Custom fields"}}},{"node":{"fields":{"slug":"/admin/10-password/1-pswd-compromised","title":"Password breach detection"}}},{"node":{"fields":{"slug":"/admin/12-administration/3-squence-generator","title":"Sequence generators"}}},{"node":{"fields":{"slug":"/admin/12-administration/5-links","title":"External links on login page"}}},{"node":{"fields":{"slug":"/admin/12-administration/6-languages","title":"Managing languages"}}},{"node":{"fields":{"slug":"/admin/12-administration/7-reconciliationhistory","title":"Reconciliation history"}}},{"node":{"fields":{"slug":"/admin/12-administration/8-aboutopenIAM-page","title":"About OpenIAM Page"}}},{"node":{"fields":{"slug":"/admin/12-administration/99-heartbeat","title":"Heartbeat links"}}},{"node":{"fields":{"slug":"/admin/12-administration/9-reindex_elasticsearch","title":"Reindex Opensearch"}}},{"node":{"fields":{"slug":"/admin/15-audit/2-audit-log-export-connector","title":"Audit log export connector"}}},{"node":{"fields":{"slug":"/admin/15-audit/1-audit-events-interpret","title":"Audit events interpretation"}}},{"node":{"fields":{"slug":"/admin/2-authentication/1-auth-overview","title":"Configuring authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/10-fidologin","title":"FIDO-2 authentication"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/3-adminoperations","title":"Administrative actions on a User"}}},{"node":{"fields":{"slug":"/admin/2-authentication/11-credentialprovider","title":"Credential provider"}}},{"node":{"fields":{"slug":"/admin/2-authentication/14-duo-auth","title":"Duo authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/13-criiptoauth","title":"Criipto authentication"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/4-pageconfiguration","title":"Configuring page templates"}}},{"node":{"fields":{"slug":"/admin/2-authentication/16-external-multiselect-auth","title":"External/multiselect authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/15-modernauth","title":"Microsoft Modern authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/2-auth-policy","title":"Authentication policy"}}},{"node":{"fields":{"slug":"/admin/2-authentication/21-dashboards","title":"Monitoring dashboards"}}},{"node":{"fields":{"slug":"/admin/2-authentication/2-delegatedauth","title":"Managed System authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/3-passwordauth","title":"Password-based authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/7-otp","title":"OTP over SMS or E-mail"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social","title":"Social authentication"}}},{"node":{"fields":{"slug":"/admin/3-authz/1-overview","title":"Introduction to access control"}}},{"node":{"fields":{"slug":"/admin/2-authentication/9-adaptiveauth","title":"Adaptive authentication"}}},{"node":{"fields":{"slug":"/admin/3-authz/10-accessright","title":"Access rights"}}},{"node":{"fields":{"slug":"/admin/3-authz/11-contentprovider","title":"Content provider"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus","title":"Menus"}}},{"node":{"fields":{"slug":"/admin/3-authz/3-conflict-groups","title":"Conflict Groups"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles","title":"Managing roles"}}},{"node":{"fields":{"slug":"/admin/3-authz/3-groups","title":"Managing groups"}}},{"node":{"fields":{"slug":"/admin/3-authz/4-types","title":"Metadata types"}}},{"node":{"fields":{"slug":"/admin/3-authz/5-resources","title":"Managing resources"}}},{"node":{"fields":{"slug":"/admin/3-authz/8-accesstossoapps","title":"Access to SSO applications"}}},{"node":{"fields":{"slug":"/admin/2-authentication/12-account-unlock","title":"Setting up account unlock"}}},{"node":{"fields":{"slug":"/admin/4-app-onboarding/1-Automated-applications","title":"Connected applications"}}},{"node":{"fields":{"slug":"/admin/4-app-onboarding/2-Manual-applications","title":"Manual applications"}}},{"node":{"fields":{"slug":"/admin/2-authentication/12-certificateauth","title":"Configuring certificate-based authentication"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/10-managedsystemsimulation","title":"Managed system simulation mode"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/12-LDAP-managedsys-config","title":"LDAP Managed system configuration"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/11-provisioning-config","title":"Configure Provisioning"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/2-incrementalsynch","title":"Incremental synchronization"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/1-synch","title":"Configuring synchronization"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/3-recon","title":"Configure reconciliation"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/4-birthright","title":"Birthright access"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/6-managedsystem-config","title":"Managed system configuration"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/5-recon-groovy","title":"Groovy Scripts for Reconciliation"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/9-importorganization","title":"Import Organizations"}}},{"node":{"fields":{"slug":"/admin/3-authz/9-approvalflow","title":"Configuring approval workflows"}}},{"node":{"fields":{"slug":"/admin/3-authz/6-organization","title":"Managing organizations"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/8-importentitlements","title":"Import entitlements"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/2-approval-flow","title":"Approval flow"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/4-post-request","title":"After request has been approved"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/5-approve-by-email","title":"Approving requests via Email"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/3-manualTasks","title":"Manual tasks"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/1-entitlmentcert","title":"Entitlement based certification"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/7-questionnaire","title":"Questionnaire"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/10-mitigation-controls","title":"Mitigation controls for SoD"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/2-risk-event-driven-cert","title":"Risk event driven certification"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/2-risk-factor-config","title":"Risk factors configuration"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/2-usercert","title":"User based review"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/3-certification-reporting","title":"Certification reporting"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/5-delete-campaign","title":"Deleting an access certification campaign"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/4-membership-tags","title":"Membership tags"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/6-campaign-database","title":"Access certification campaigns as database objects"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/1-application-category","title":"Application categories"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/8-multiple-reviwer-campaigns","title":"Multi-reviewer user access review campaigns"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/9-segregation-of-duties","title":"Segregation of Duties (SoD) policies"}}},{"node":{"fields":{"slug":"/admin/8-sso/1-saml","title":"Add SAML SP to OpenIAM"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/7-expiration-policy","title":"Expiration policy"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/1-formfill","title":"Form Fill"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/2-headerinj","title":"Header Injection"}}},{"node":{"fields":{"slug":"/admin/8-sso/5-auth_scopes","title":"OpenIAM oAuth scopes"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/3-urlrewriting","title":"URL Rewriting"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/6-example","title":"Examples"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/8-kerberos","title":"Setting up Kerberos via rProxy"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/7-rProxy-loadbalancer","title":"Reverse Proxy with Load Balancer"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/9-directive-reference","title":"mod_openiam Directive Reference"}}},{"node":{"fields":{"slug":"/admin/8-sso/2-oauth2","title":"oAuth 2.0"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/10-winlocal","title":"WinLocal OpenIAM connector"}}},{"node":{"fields":{"slug":"/admin/8-sso/3-oidc","title":"OpenID Connect"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/1-powershellconnectorinstallation","title":"Installing PowerShell connectors"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/12-dynamics365FO","title":"Dynamics365 Finance&Operations connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/12-WindowsPasswordFilter","title":"AD Password Filter"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/13-successfactors","title":"SuccessFactors connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/14-psgraph","title":"Microsoft Graph PowerShell connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/15-powershell-generic","title":"Building a custom PowerShell connector for OpenIAM"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management","title":"Mail management"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig","title":"System configuration"}}},{"node":{"fields":{"slug":"/admin/12-administration/4-otpconfig","title":"Configure OTP Provider"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/16-teams","title":"Microsoft Teams connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/3-powershellconnectorupdate","title":"Updating PowerShell connectors"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/5-azuread","title":"Entra ID/O365 connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/7-azuredevops","title":"Azure DevOps connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/8-dynamics365","title":"Dynamics365 connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/9-sqlserver","title":"Microsoft SQL Server connector"}}},{"node":{"fields":{"slug":"/connectorconfig/scriptConnector/connector-request-template","title":"OpenIAM connector request template"}}},{"node":{"fields":{"slug":"/developerguide/1-custom-css/1-customcss","title":"Creating custom CSS"}}},{"node":{"fields":{"slug":"/connectorconfig/scriptConnector/GroovyScriptConnector","title":"Configuring Groovy Script connector"}}},{"node":{"fields":{"slug":"/developerguide/1-custom-css/2-cssexamples","title":"CSS file examples"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/6-exchange","title":"Exchange connector"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman","title":"Getting started with Postman"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/2-powershellconnectorsusage","title":"Using PowerShell connectors"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python","title":"Getting started with Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java","title":"Getting started with Java"}}},{"node":{"fields":{"slug":"/developerguide/4-sheduledtasks/2-access-certification-reminder","title":"Notification reminders for approvers"}}},{"node":{"fields":{"slug":"/developerguide/5-datamodel/1-usermodel","title":"User data model"}}},{"node":{"fields":{"slug":"/developerguide/5-datamodel/2-rbacmodel","title":"Access control model"}}},{"node":{"fields":{"slug":"/developerguide/8-api/approver-association","title":"/webconsole - approver-association"}}},{"node":{"fields":{"slug":"/developerguide/8-api/access-right","title":"/webconsole - access-right"}}},{"node":{"fields":{"slug":"/developerguide/8-api/audit-log","title":"/webconsole - audit-log"}}},{"node":{"fields":{"slug":"/developerguide/8-api/auth-provider","title":"/webconsole - auth-provider"}}},{"node":{"fields":{"slug":"/developerguide/8-api/authentication-grouping","title":"/webconsole - authentication-grouping"}}},{"node":{"fields":{"slug":"/developerguide/8-api/challenge-response","title":"/webconsole - challenge-response"}}},{"node":{"fields":{"slug":"/developerguide/8-api/batch","title":"/webconsole - batch"}}},{"node":{"fields":{"slug":"/developerguide/8-api/connector","title":"/webconsole - connector"}}},{"node":{"fields":{"slug":"/developerguide/8-api/content-provider","title":"/webconsole - content-provider"}}},{"node":{"fields":{"slug":"/developerguide/8-api/email","title":"/webconsole - email"}}},{"node":{"fields":{"slug":"/developerguide/8-api/elastic-search","title":"/webconsole - elastic-search"}}},{"node":{"fields":{"slug":"/developerguide/8-api/field","title":"/webconsole - field"}}},{"node":{"fields":{"slug":"/developerguide/8-api/groovy-manager","title":"/webconsole - groovy-manager"}}},{"node":{"fields":{"slug":"/developerguide/8-api/group","title":"/webconsole - group"}}},{"node":{"fields":{"slug":"/developerguide/8-api/idp-oauth","title":"/idp - idp-oauth"}}},{"node":{"fields":{"slug":"/developerguide/4-sheduledtasks/1-provision-on-date","title":"Provision/Deprovision on date"}}},{"node":{"fields":{"slug":"/developerguide/8-api/managed-system","title":"/webconsole - managed-system"}}},{"node":{"fields":{"slug":"/developerguide/8-api/menu","title":"/webconsole - menu"}}},{"node":{"fields":{"slug":"/developerguide/8-api/metadata","title":"/webconsole - metadata"}}},{"node":{"fields":{"slug":"/whatsnew/20-v2026.3.3","title":"New in 2026.3.3"}}},{"node":{"fields":{"slug":"/developerguide/8-api/oauth","title":"/webconsole - oauth"}}},{"node":{"fields":{"slug":"/developerguide/8-api/it-policy","title":"/webconsole - it-policy"}}},{"node":{"fields":{"slug":"/developerguide/8-api/organization-type","title":"/webconsole - organization-type"}}},{"node":{"fields":{"slug":"/developerguide/8-api/idp-rest","title":"/idp - idp-rest"}}},{"node":{"fields":{"slug":"/developerguide/8-api/page-template","title":"/webconsole - page-template"}}},{"node":{"fields":{"slug":"/developerguide/8-api/organization","title":"/webconsole - organization"}}},{"node":{"fields":{"slug":"/developerguide/8-api/property-value","title":"/webconsole - property-value"}}},{"node":{"fields":{"slug":"/developerguide/8-api/report","title":"/webconsole - report"}}},{"node":{"fields":{"slug":"/developerguide/8-api/policy","title":"/webconsole - policy"}}},{"node":{"fields":{"slug":"/developerguide/8-api/resource-type","title":"/webconsole - resource-type"}}},{"node":{"fields":{"slug":"/developerguide/8-api/resource","title":"/webconsole - resource"}}},{"node":{"fields":{"slug":"/developerguide/8-api/role","title":"/webconsole - role"}}},{"node":{"fields":{"slug":"/developerguide/8-api/sync-config","title":"/webconsole - sync-config"}}},{"node":{"fields":{"slug":"/developerguide/8-api/ui-theme","title":"/webconsole - ui-theme"}}},{"node":{"fields":{"slug":"/developerguide/8-api/sync-rest","title":"/webconsole - sync-rest"}}},{"node":{"fields":{"slug":"/developerguide/8-api/system","title":"/webconsole - system"}}},{"node":{"fields":{"slug":"/developerguide/8-api/uri-pattern","title":"/webconsole - uri-pattern"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/1-autoprov","title":"Automated provisioning Scripts"}}},{"node":{"fields":{"slug":"/developerguide/8-api/user","title":"/webconsole - user"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import","title":"Import from application"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/3-importing_groups","title":"Importing groups from application"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/1-forgotpassword","title":"Forgot password"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/3-changepassword","title":"Updating your password"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/4-outofoffice","title":"Out of office assistant"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/2-updateprofile","title":"Updating user profile"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/4-relations-with-manager","title":"Populating a manager"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/5-forgotusername","title":"Forgot username"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/6-updatesecquestions","title":"Updating security questions"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/1-servicecatalog","title":"Requesting access via catalog"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/10-positionchange","title":"Position change request"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/11-accessprofiles","title":"Access profiles"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/12-bulkupload","title":"Uploading users in bulk"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/5-approverequest","title":"Approving requests"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/2-jobprofile","title":"Requesting access from profile"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/6-requestadministration","title":"Request administration"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/7-requesthistory","title":"Requests history"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/9-newuser","title":"Creating a new user"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/7-useraccess/1-viewmyaccess","title":"View my access"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/8-newgroup","title":"Creating a group request"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/7-useraccess/2-directreports","title":"View direct reports"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/7-useraccess/3-UAR-in-Self-Service","title":"User access review module in SelfService"}}},{"node":{"fields":{"slug":"/getting-started/31-planning-workforce/1-designrole","title":"Designing business roles"}}},{"node":{"fields":{"slug":"/getting-started/31-planning-workforce/2-openiam-access-role","title":"Designing access roles"}}},{"node":{"fields":{"slug":"/getting-started/31-planning-workforce/3-connector-planning","title":"Connector requirements"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/1-connect","title":"Deploying and registering connectors"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements","title":"Importing entitlements"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements","title":"Importing users and their entitlement memberships"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/1-jml","title":"Joiners, movers, leavers processes"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial","title":"Automated provisioning tutorial"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/1-singlenode","title":"Single VM Install"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/10-ha-rpm","title":"High availability (HA) deployment using RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/11-configuration-options","title":"Configuration options in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/2-rproxy","title":"r-Proxy installation in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/12-migrating-onpremises-to-cloud","title":"Migrating OpenIAM from on-premises installation to a cloud-based infrastructure"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/5-ports","title":"Deployment architecture in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/4-backup","title":"RPM backup / recovery"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading","title":"Upgrading OpenIAM in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/7-remoteDB","title":"Installing OpenIAM with a remote database in RPM environment"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/8-ssl","title":"Configuring HTTPS in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-migrating-non-production-to-production-environment","title":"Migrating non-production to production environment in RPM"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/1-https","title":"Configuring HTTPS on Docker"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/9-rabbitssl","title":"Enable TLS for RabbitMQ in RPM"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading","title":"Upgrading OpenIAM in Docker environment"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/4-YAML-files","title":"Docker YAML files"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/5-docker-swarm-backup","title":"Backup / restore in Docker Swarm"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/2-Configuration-options","title":"Configuration options in Docker"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/6-externalDB","title":"Installing OpenIAM with a remote database in Docker"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/1-ssl","title":"Configuring HTTPS in Kubernetes"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/10-backup-and-restoration","title":"Backup and restoration procedure in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/11-common-scenario","title":"Installing OpenIAM in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/12-vault-migration-fromRPM-toK8","title":"Migration of Vault from RPM-based cluster to Kubernetes-based OpenIAM cluster"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/2-deployment-with-terraform","title":"Deploying OpenIAM with Terraform"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/3-depl-without-terraform","title":"Deploying OpenIAM on Kubernetes using Helm"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/4-RabbitMQ-TLS","title":"RabbitMQ TLS directory in Kubernetes"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading","title":"Upgrading OpenIAM in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/7-useal-keys-restoration","title":"Backing up and restoring the vault unseal keys in Kubernetes"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms","title":"Kubernetes Platforms"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/9-remoteDB","title":"Installing OpenIAM with a remote database in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/1-create-cluster","title":"Creating an OpenShift cluster on Azure"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/8-AKS_with_ext_MSSQL","title":"Deploying OpenIAM on AKS (Kubernetes) with an external MSSQL database"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/2-connect-to-cluster","title":"Connect to OpenShift cluster on Azure"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/4-some-descriptions-helm","title":"Memory requirements for OpenShift deployment with Helm"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/5-localhost-dev-cluster","title":"Localhost development cluster"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/6-deploy-from-windows","title":"Deploy OpenIAM to OpenShift cluster with Helm (from Windows)"}}},{"node":{"fields":{"slug":"/installation/8-sizing/2-medium-k8","title":"Medium Enterprise - K8"}}},{"node":{"fields":{"slug":"/installation/8-sizing/1-small-k8","title":"Small Enterprise - K8"}}},{"node":{"fields":{"slug":"/installation/9-data_migration/1-migrating_ES_Docker","title":"Verifying and migrating Elasticsearch data in Docker-based OpenIAM cluster"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/01-log4j","title":"Log4j Vulnerability"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/02-hardening","title":"Securing your installation"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/03-db-switch","title":"Change OpenIAM product database"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/04-compatibility","title":"Compatibility matrix"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/05-postgres-install","title":"Installing PostgreSQL 15"}}},{"node":{"fields":{"slug":"/installation/99-miscellaneous/04-compatibility","title":"Compatibility Matrix"}}},{"node":{"fields":{"slug":"/developerguide/8-api/access-certification","title":"/webconsole - access-certification"}}},{"node":{"fields":{"slug":"/troubleshooting/cluster/1-rabbitmq-reinit","title":"RabbitMQ cluster went out of order"}}},{"node":{"fields":{"slug":"/troubleshooting/cluster/3-Rabbitmq-connection-timeout","title":"RabbitMQ connection timeout issue"}}},{"node":{"fields":{"slug":"/troubleshooting/cluster/2-rabbitmq-UI","title":"RabbitMQ is not reached from UI in RPM installations"}}},{"node":{"fields":{"slug":"/troubleshooting/connectors/sync-vs-async-source","title":"Synchronous vs. asynchronous synchronization source for connectors"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/3-deploy-OpenIAM-helm","title":"Deploy OpenIAM to OpenShift cluster with Helm"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/1-connectorlogs","title":"View container logs"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/2-containersrestart","title":"Containers Restarting"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/3-uninstall","title":"Remove an OpenIAM Docker Install"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/4-troubleshooting-steps","title":"Troubleshooting steps in a container-based cluster"}}},{"node":{"fields":{"slug":"/troubleshooting/environment/memoryutili","title":"Check memory utilization"}}},{"node":{"fields":{"slug":"/troubleshooting/environment/redismemory","title":"Redis memory utilization"}}},{"node":{"fields":{"slug":"/troubleshooting/environment/disableswap","title":"Disable swap"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/JDBC-connection-pool","title":"Increasing the JDBC connection pool size"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/5-log-checking-guide","title":"Docker log checking guide"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/access-after-migration","title":"Access problem after migrating OpenIAM"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/access-forbidden","title":"Access Forbidden error"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/activationlink","title":"Error when sending activation link"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/audit-doc-timestamp","title":"Audit document timestamp issue"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/auth-manager","title":"Backend exception error when running authentication manager"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/database-reset","title":"Database reset"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/debug-logs-CassandraJanusGraph","title":"Enabling and disabling debug logs for Cassandra and JanusGraph"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/elasticsearch-readonly-state","title":"Elasticsearch read-only state"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/flyway_version","title":"Flyway version issue"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/increasing-RAM","title":"Increasing memory for OpenIAM services"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/lackof_disk_space","title":"Running out of disk space"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/modifly_system_labels_and_messages","title":"Changing system labels and messages"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/my-application-page-selfservice","title":"Changing refresh time for My Applications page in SelfService"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/overriding-app-properties","title":"Overriding UI application properties"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/pad-block-corrupted","title":"PAD Block Corrupted"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/remove-navigation-bar","title":"Removing menu items from top navigation bar"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/report-generation-issue","title":"Error during report generating in RPM installations"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/resetting_passwords","title":"Resetting passwords"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/run_flyway_repair_mode","title":"Run Flyway in repair mode"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/unlocksysadmin","title":"Unlock sysadmin"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/username_in_selfservice","title":"Username not shown in SelfService"}}},{"node":{"fields":{"slug":"/troubleshooting/rpm/failed-dependencies","title":"Failed dependencies"}}},{"node":{"fields":{"slug":"/troubleshooting/rpm/trobleshooting_guide","title":"Troubleshooting guide for RPM"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/4-pageconfiguration/1-userpage","title":"Configuring user page templates"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/4-pageconfiguration/2-customuserpage","title":"Creating more custom user edit pages"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/4-pageconfiguration/4-customtemplates","title":"Custom form templates"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/1-system","title":"System tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/2-regex-validation","title":"Validation regular expressions"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/3-UI","title":"UI tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/5-organization-tab","title":"Organization tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/9-health-checks","title":"Configuring health checks for managed systems"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/4-workflow","title":"Workflow tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/7-authentication","title":"Authentication tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/8-auditeventstosyslog","title":"Exporting audit events to syslogs"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/1-emailtemplates","title":"Email templates"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/6-password","title":"Password tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/2-smtpconfig","title":"Mailbox Configuration"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/3-multilanguagemail","title":"Multilanguage emails"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/4-mail-via-azure","title":"Mailbox configuration via Azure application"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/5-alert-notifications","title":"Configuring alert notifications"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/6-email-template-variables","title":"Email template variables reference"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social/1-googlesociallogin","title":"Google Social Login"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social/2-facebooksociallogin","title":"Facebook Social Login"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social/3-linkedinsociallogin","title":"LinkedIn Social Login"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social/4-appleidsociallogin","title":"AppleID Social Login"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus/1-enduseraccess","title":"End-user access roles"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus/2-adminaccess","title":"Admin access role"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus/3-FAQ","title":"FAQs about menus and their use"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus/4-Config-Lhand-menu-SS-MyInfo","title":"Configurable left-hand menu in SelfService 'My Info' page"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles/2-createrole","title":"Create role"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles/1-role-types","title":"Types of roles existing in OpenIAM"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles/3-findrole","title":"Finding an existing role"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles/5-importingroles","title":"Importing roles"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/11-provisioning-config/1-prepost-processor","title":"Pre/PostProcessor"}}},{"node":{"fields":{"slug":"/admin/8-sso/1-saml/1-jit-provisioning","title":"Just-in-time Provisioning"}}},{"node":{"fields":{"slug":"/admin/3-authz/3-groups/1-create-group","title":"Creating a group"}}},{"node":{"fields":{"slug":"/admin/4-app-onboarding/2-Manual-applications/1-reg-applications","title":"Register applications"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/2-postmanconfig","title":"Create Postman collection"}}},{"node":{"fields":{"slug":"/admin/8-sso/2-oauth2/1-Auth-code-grand","title":"Authorization code grant type"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/3-add-request","title":"Define an API request in Postman"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/10-winlocal/2-winlocalv5","title":"Version 5"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/10-winlocal/1-winlocalv4","title":"Version 4"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/1-createauthprovider","title":"Create OpenIAM Provider for Postman"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/4-JWT-tokens","title":"Getting started with JWT tokens in Postman"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/5-postman-links","title":"Postman API documentation links"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/1-createauthprovider","title":"Create OpenIAM oAuth provider in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/6-example","title":"Client credentials flow with a defined scope in Postman"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/2-grantinguathz","title":"Granting authorization to the API with Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/4-enabling-disabling-user","title":"Enabling/Disabling a user with API calls examples in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/3-api-call-examples","title":"API calls examples in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/5-object-oriented-impl-example","title":"Object oriented implementation for REST API in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/6-OTP-verification","title":"OTP Verification in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/3-creating-searching-users","title":"Creating and searching a user with API call in Java"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/4-calls-examples","title":"API calls examples in Java"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/5-enabling-disabling-users","title":"Enabling/Disabling a user with API calls examples in Java"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/3-azuread","title":"Entra ID"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/1-autoprov/1-newhires","title":"New hires"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/6-importroles","title":"Import Roles"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/1-createauthprovider","title":"Create OpenIAM Provider"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/2-grantauthz","title":"Granting authorization to the API with Java"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/1-connect/2-rpm","title":"Connectors via RPM"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/1-connect/3-docker","title":" Connectors via Docker"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/1-configuring-synch","title":"Configuring synchronization for importing entitlements"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/1-connect/4-k8","title":" Connectors via Kubernetes"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/2-transformationscripts","title":"Transformation scripts"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/3-troubleshooting","title":"Troubleshooting"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/2-policymap","title":"Policy map"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/3-creatingrole","title":"Creating role"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/1-config-synch","title":"Configuring synchronization for importing users and their entitlement memberships"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/3-common-questions","title":"Common questions"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/4-birthright","title":"New hire"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/1-provisioningCSV","title":"Creating a synchronization configuration for the source"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/6-termination","title":"Terminations"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/5-transfer","title":"Transfer"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/5-ports/1-one-node","title":"Single node deployment"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/2-transformationscripts","title":"Transformation scripts"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/1-singlenode/3-nonroot-partition","title":"Installing OpenIAM on a non-root partition"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/5-ports/2-three-node","title":"Three node cluster"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/1-singlenode/1-rpm-with-internet","title":"Installation with Internet access"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/10-upgrading-2026-4-2","title":"Upgrading OpenIAM to v.2026.4.2 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/10-upgrading-2026-5-1","title":"Upgrading OpenIAM to v.2026.5.1 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/1-databasemigration","title":"Database migration from version 3.X to 4.X"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/3-upgradingto-42111","title":"Upgrading from versions 4.2.1.9-4.2.1.10 to version 4.2.1.11 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/1-singlenode/2-rpm-no-internet","title":"Installation without Internet access"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/2-upgradingto-42110","title":"Upgrading from version 4.2.1.5-4.2-4.2.1.8 to version 4.2.1.10 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/4-migrating-index-data","title":"Migration of index data from older ElasticSearch versions to newer one"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/4-upgradingto-42112","title":"Upgrading from versions 4.2.1.x to version 4.2.1.12 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/5-infrastructure_upgrade","title":"Infrastructure upgrade"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/7-upgradingto-422","title":"Upgrading OpenIAM from versions 4.2.1.x to 4.2.2 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/6-infra-upgrade-42113","title":"Infrastructure upgrade in v4.2.1.13"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/8-upgrading-2026-3-1","title":"Upgrading OpenIAM to v.2026.3.1 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/8-upgrading-2026-3-2","title":"Upgrading OpenIAM to v.2026.3.2 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/9-422-changes","title":"Known issues related to upgrading from 4.2.1.x to 2026.4.1 version"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/8-upgrading-2026-2-1","title":"Upgrading OpenIAM to v.2026.2.1 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/7-remoteDB/1-oracle","title":"Installing OpenIAM with a remote Oracle database in RPM environment"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/7-remoteDB/2-postgres","title":"Installing OpenIAM with a remote Postgres database in RPM environment"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/5-upgradingto-42115","title":"Upgrading from versions 4.2.1.x to version 4.2.1.15 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/7-remoteDB/3-MSSQL","title":"Installing OpenIAM with a remote MSSQL database in RPM environment"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading/1-upgrade-4219","title":"Upgrade from version 4.2.1.5-4.2.1.8 to version 4.2.1.10 in Docker"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading/2-upgrade-42110","title":"Upgrade from version 4.2.1.9 to version 4.2.1.10 in Docker"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading/3-upgrade-42111","title":"Upgrade from version 4.2.1.10 to version 4.2.1.11 in Docker"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading/4-upgrade-42115","title":"Upgrade from version 4.2.1.x to version 4.2.1.15 in Docker"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/3-upgrade-42113k8-rabbitmq","title":"Upgrading from version below 4.2.1.8 to version 4.2.1.13 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/4-upgrade-42115k8","title":"Upgrading from versions 4.2.1.x to version 4.2.1.15 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/6-upgrade-422k8","title":"Upgrading from version 4.2.1.x to version 4.2.2 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/5-upgrade-42112k8","title":"Upgrading from version 4.2.1.x to version 4.2.1.12 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms/1-gce","title":"GCE Kubernetes guide"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms/2-aws","title":"AWS Kubernetes guide"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms/3-helm","title":"Private Kubernetes Cluster using Helm"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms/4-azure","title":"Azure Kubernetes Guide"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/ldap/3-ldapattributeslists","title":"LDAP Attribute list for User Synchronization"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/ldap/1-ldapvalidation","title":"Synchronization Validation Script"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/ldap/2-ldapsynchusers","title":"LDAP User Synchronization Script"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/2-transformationscripts/1-ADgroup-transformation","title":"Sample transformation script for AD groups"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/2-transformationscripts/2-csv-transformation","title":"Sample transformation script for a CSV file"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/2-transformationscripts/4-csv-users-entitlements","title":"Sample transformation script for a CSV file"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/2-transformationscripts/3-ADtransformation-usergroup","title":"Sample transformation script for AD users and group memberships"}}},{"node":{"fields":{"slug":"/changelog/21-Release-4.2.2","title":"Release 4.2.2"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/4-adpowershell","title":"Active Directory PowerShell connector"}}},{"node":{"fields":{"slug":"/appendix/5-message_en_file","title":"Message properties"}}}]}},"pageContext":{"id":"10b2eb8f-7eb8-5826-a2f5-f3770270b077"}}, "staticQueryHashes": ["2619113677","3706406642","417421954"]}