{ "componentChunkName": "component---src-templates-docs-js", "path": "/installation/1-rpm-installation/1-singlenode/1-rpm-with-internet", "result": {"data":{"site":{"siteMetadata":{"title":"OpenIAM Documentation v2026.5.1 | OpenIAM","docsLocation":""}},"mdx":{"fields":{"id":"8cb9c365-4043-54f1-bd64-d7526534bc48","title":"Installation with Internet access","slug":"/installation/1-rpm-installation/1-singlenode/1-rpm-with-internet"},"body":"var _excluded = [\"components\"];\n\nfunction _extends() { _extends = Object.assign || function (target) { for (var i = 1; i < arguments.length; i++) { var source = arguments[i]; for (var key in source) { if (Object.prototype.hasOwnProperty.call(source, key)) { target[key] = source[key]; } } } return target; }; return _extends.apply(this, arguments); }\n\nfunction _objectWithoutProperties(source, excluded) { if (source == null) return {}; var target = _objectWithoutPropertiesLoose(source, excluded); var key, i; if (Object.getOwnPropertySymbols) { var sourceSymbolKeys = Object.getOwnPropertySymbols(source); for (i = 0; i < sourceSymbolKeys.length; i++) { key = sourceSymbolKeys[i]; if (excluded.indexOf(key) >= 0) continue; if (!Object.prototype.propertyIsEnumerable.call(source, key)) continue; target[key] = source[key]; } } return target; }\n\nfunction _objectWithoutPropertiesLoose(source, excluded) { if (source == null) return {}; var target = {}; var sourceKeys = Object.keys(source); var key, i; for (i = 0; i < sourceKeys.length; i++) { key = sourceKeys[i]; if (excluded.indexOf(key) >= 0) continue; target[key] = source[key]; } return target; }\n\n/* @jsxRuntime classic */\n\n/* @jsx mdx */\nvar _frontmatter = {\n \"title\": \"Installation with Internet access\",\n \"metaTitle\": \"Installation with Internet access via RPM on Linux\",\n \"metaDescription\": \"This page describes how to install OpenIAM via an RPM on Linux\"\n};\nvar layoutProps = {\n _frontmatter: _frontmatter\n};\nvar MDXLayout = \"wrapper\";\nreturn function MDXContent(_ref) {\n var components = _ref.components,\n props = _objectWithoutProperties(_ref, _excluded);\n\n return mdx(MDXLayout, _extends({}, layoutProps, props, {\n components: components,\n mdxType: \"MDXLayout\"\n }), mdx(\"p\", null, \"This section builds on the initial installation steps described in the \", mdx(\"a\", {\n parentName: \"p\",\n \"href\": \"../1-singlenode\"\n }, \"RPM install\"), \" section. Please ensure that you have completed the steps in that section before proceeding.\"), mdx(\"h2\", null, \"Installation with Internet access\"), mdx(\"p\", null, \"This type of installation is suitable for environments where the servers running the OpenIAM software will have internet access and can reach the OpenIAM website to download the software. You can validate internet connection by running the command below.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"curl https://openiam.com/; echo $?\\n\")), mdx(\"p\", null, \"You should see \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"0\"), \" as a result. If you see non-zero result, its means that you \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"CANNOT\"), \" reach the OpenIAM web site from your deployment server. Please resolve the internet access or use the \", mdx(\"a\", {\n parentName: \"p\",\n \"href\": \"../1-singlenode/2-rpm-no-internet\"\n }, \"offline installation\"), \" instructions.\"), mdx(\"p\", null, \"The RPM installation starting from OpenIAM 2026.3.3 supports Enterprise Linux 9 (EL9). During the installation process, you will be prompted to install MariaDB RDBMS as the default database.\"), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Database recommendations\")), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"MariaDB Usage: MariaDB is suitable for Demo, Proof-of-Concept (POC), or small-scale deployments. However, for production environments, we strongly recommend using a corporate-standard database that aligns with your organization\\u2019s IT policies and is fully supported operationally.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"MariaDB in Production: If you choose to use MariaDB in a production setting, ensure that:\", mdx(\"ul\", {\n parentName: \"li\"\n }, mdx(\"li\", {\n parentName: \"ul\"\n }, \"It is properly sized for your workload\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"It is deployed in a high-availability (HA) configuration to enhance reliability.\")))), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Using an existing Database infrastructure\")), mdx(\"p\", null, \"If you already have a database infrastructure you prefer to use, select \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"N\"), \" when prompted during the installation. This option allows you to integrate OpenIAM with your preferred database system.\"), mdx(\"p\", null, \"The following sections will guide you through the OpenIAM installation process step by step.\"), mdx(\"ol\", null, mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"p\", {\n parentName: \"li\"\n }, \"Download the RPM installer using the following command.\"), mdx(\"p\", {\n parentName: \"li\"\n }, \" For EL8: \"), mdx(\"pre\", {\n parentName: \"li\"\n }, mdx(\"code\", {\n parentName: \"pre\"\n }, \" curl https://download.openiam.com/release/enterprise/2026.5.1/rpm/openiam-2026.5.1.noarch.x86_64.rpm --output /usr/src/openiam-2026.5.1.noarch.x86_64.rpm \\n\")), mdx(\"p\", {\n parentName: \"li\"\n }, \" For EL9: \"), mdx(\"pre\", {\n parentName: \"li\"\n }, mdx(\"code\", {\n parentName: \"pre\"\n }, \" curl https://download.openiam.com/release/enterprise/2026.5.1/rpm/openiam-2026.5.1.noarch.x86_64.rpm --output /usr/src/openiam-2026.5.1.noarch.x86_64.rpm \\n\"))), mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"p\", {\n parentName: \"li\"\n }, \"Once the download is complete, install OpenIAM using the following command. This step will also update the initial \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"ulimit\"), \" settings, which are required for the subsequent installation process\"), mdx(\"pre\", {\n parentName: \"li\"\n }, mdx(\"code\", {\n parentName: \"pre\"\n }, \"sudo rpm -i openiam-2026.5.1.noarch.x86_64.rpm\\n\")))), mdx(\"p\", null, \"You should see the output like one given below.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"openiam/\\nopeniam/vault/\\nopeniam/vault/openiam.cluster.policy.hcl\\nopeniam/vault/openiam.policy.hcl\\nopeniam/vault/secret.policy.hcl\\nopeniam/vault/consul\\nopeniam/vault/medusa\\nopeniam/vault/vault\\nopeniam/services/shutdown.sh\\nopeniam/services/start_auth.sh\\nopeniam/services/start_br.sh\\nopeniam/services/start_device.sh\\nopeniam/services/start_email.sh\\nopeniam/services/start_esb.sh\\nopeniam/services/start_groovy.sh\\nopeniam/services/start_idm.sh\\nopeniam/services/start_idp.sh\\nopeniam/services/start_recon.sh\\nopeniam/services/start_reportviewer.sh\\nopeniam/services/start_sas.sh\\nopeniam/services/start_selfservice.sh\\nopeniam/services/start_selfservice_ext.sh\\nopeniam/services/start_sync.sh\\nopeniam/services/start_ui_static.sh\\nopeniam/services/start_webconsole.sh\\nopeniam/services/start_workflow.sh\\nopeniam/OpenIAM-Base-Local.repo\\nopeniam/env.conf\\n\")), mdx(\"p\", null, \"Your VM will reboot to apply changes to \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"ulimit\"), \". After it reboots, reconnect to your VM by executing the following command and providing your credentials when prompted.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"ssh [username]@[IP address of your VM]\\n\")), mdx(\"p\", null, \"In case you don't want the VM to reboot for no, you can use \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"shutdown -c\"), \" command to cancel the server from rebooting.\"), mdx(\"ol\", {\n \"start\": 3\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, \"Start the initialization process which will download files required for installation from OpenIAM server. Please follow the instructions on the screen.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"sudo openiam-cli init\\n\")), mdx(\"p\", null, \"You will be asked about Internet access on this box, as shown below.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"[root@ip-172-16-0-181 ~]# openiam-cli init\\nInitialize openiam\\nDoes this box have Internet access ? [y/n]:\\n\")), mdx(\"p\", null, \"Type \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"y\"), \" and press \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Enter\"), \".\"), mdx(\"p\", null, \"The system will download additional files, extract them locally, update your repository, and install essential base packages. You will see output similar to the snippet below.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"Initialize openiam\\nDoes this box have Internet access ? [y/n]:y\\nIt is default configuration in env.conf\\nDownload file openiamrepo.tar.gz from OpenIAM website\\nDownload file backend.tar.gz from OpenIAM website\\nDownload file frontend.tar.gz from OpenIAM website\\nopeniamrepo/\\nopeniamrepo/mariadb/\\nopeniamrepo/mariadb/perl-MIME-Base64-3.15-396.el8.x86_64.rpm\\nopeniamrepo/mariadb/perl-Math-BigInt-1.9998.11-7.el8.noarch.rpm\\nopeniamrepo/mariadb/perl-Pod-Usage-1.69-395.el8.noarch.rpm\\nopeniamrepo/mariadb/mariadb-backup-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm\\nopeniamrepo/mariadb/perl-Net-SSLeay-1.88-2.module+el8.6.0+13392+f0897f98.x86_64.rpm\\nopeniamrepo/mariadb/perl-IO-1.38-422.el8.x86_64.rpm\\nopeniamrepo/mariadb/perl-DBD-MySQL-4.046-3.module+el8.1.0+2938+301254e2.x86_64.rpm\\nopeniamrepo/mariadb/mariadb-errmsg-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm\\nopeniamrepo/mariadb/perl-interpreter-5.26.3-422.el8.x86_64.rpm\\nopeniamrepo/mariadb/perl-Term-ANSIColor-4.06-396.el8.noarch.rpm\\nopeniamrepo/mariadb/perl-Time-Local-1.280-1.el8.noarch.rpm\\nopeniamrepo/mariadb/perl-Unicode-Normalize-1.25-396.el8.x86_64.rpm\\nopeniamrepo/mariadb/perl-Scalar-List-Utils-1.49-2.el8.x86_64.rpm\\nopeniamrepo/mariadb/perl-Mozilla-CA-20160104-7.module+el8.3.0+6498+9eecfe51.noarch.rpm\\nopeniamrepo/mariadb/compat-openssl11-1.1.1k-4.el9.x86_64.rpm\\nopeniamrepo/mariadb/mariadb-connector-c-3.1.11-2.el8_3.x86_64.rpm\\nopeniamrepo/mariadb/perl-podlators-4.11-1.el8.noarch.rpm\\nopeniamrepo/mariadb/perl-Exporter-5.72-396.el8.noarch.rpm\\nopeniamrepo/mariadb/mariadb-server-utils-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm\\nopeniamrepo/mariadb/perl-Math-Complex-1.59-422.el8.noarch.rpm\\nopeniamrepo/mariadb/perl-Text-ParseWords-3.30-395.el8.noarch.rpm\\nopeniamrepo/mariadb/perl-Digest-MD5-2.55-396.el8.x86_64.rpm\\nopeniamrepo/mariadb/libaio-0.3.112-1.el8.x86_64.rpm\\nopeniamrepo/mariadb/perl-File-Path-2.15-2.el8.noarch.rpm\\nopeniamrepo/mariadb/mariadb-server-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm\\nopeniamrepo/mariadb/perl-PathTools-3.74-1.el8.x86_64.rpm\\nopeniamrepo/mariadb/perl-Pod-Escapes-1.07-395.el8.noarch.rpm\\nopeniamrepo/mariadb/perl-libs-5.26.3-422.el8.x86_64.rpm\\nopeniamrepo/mariadb/perl-Socket-2.027-3.el8.x86_64.rpm\\nopeniamrepo/mariadb/perl-Carp-1.42-396.el8.noarch.rpm\\nopeniamrepo/mariadb/perl-threads-shared-1.58-2.el8.x86_64.rpm\\nopeniamrepo/mariadb/mariadb-10.3.39-1.module+el8.8.0+19673+72b0d35f.x86_64.rpm\\nopeniamrepo/mariadb/perl-IO-Socket-IP-0.39-5.el8.noarch.rpm\\n\\n...\\n\\n================================================================================\\n Package Architecture Version Repository Size\\n================================================================================\\nInstalling:\\n m4 x86_64 1.4.19-1.el9 appstream 294 k\\n telnet x86_64 1:0.17-85.el9 appstream 63 k\\n\\nTransaction Summary\\n================================================================================\\nInstall 2 Packages\\n\\nTotal download size: 357 k\\nInstalled size: 703 k\\nDownloading Packages:\\n(1/2): telnet-0.17-85.el9.x86_64.rpm 327 kB/s | 63 kB 00:00\\n(2/2): m4-1.4.19-1.el9.x86_64.rpm 1.0 MB/s | 294 kB 00:00\\n--------------------------------------------------------------------------------\\nTotal 988 kB/s | 357 kB 00:00\\nRunning transaction check\\nTransaction check succeeded.\\nRunning transaction test\\nTransaction test succeeded.\\nRunning transaction\\n Preparing : 1/1\\n Installing : m4-1.4.19-1.el9.x86_64 1/2\\n Installing : telnet-1:0.17-85.el9.x86_64 2/2\\n Running scriptlet: telnet-1:0.17-85.el9.x86_64 2/2\\n Verifying : telnet-1:0.17-85.el9.x86_64 1/2\\n Verifying : m4-1.4.19-1.el9.x86_64 2/2\\n\\nInstalled:\\n m4-1.4.19-1.el9.x86_64 telnet-1:0.17-85.el9.x86_64\\n\\nComplete!\\nworkflow.jar\\nsynchronization.jar\\nreconciliation.jar\\nopeniam-esb.jar\\nidm.jar\\ngroovy-manager.jar\\nemail-manager.jar\\ndevice-manager.jar\\nauth-manager.jar\\nbusiness-rule-manager.jar\\nsas-manager.jar\\nsas-lib.zip\\nidp.war\\nopeniam-ui-static.war\\nselfservice-ext.war\\nselfservice.war\\nwebconsole.war\\nreportviewer.war\\n\")), mdx(\"ol\", {\n \"start\": 4\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, \"You will be asked if you want to install MariaDB as the default database.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"Would you like to install MariaDB RDBMS locally? [y/n]:\\n\")), mdx(\"p\", null, \"Please answer \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"Y\"), \" if you would like to use the local MariaDB RDBMS as a database server. To use another database, please enter \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"N\"), \". This question enables the installation of MariaDB so that it can be used later in the installation process.\"), mdx(\"p\", null, \"4.1. If you answered \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"Y\"), \", the MariaDB installer will prepare the files needed to install and configure MariaDB. Once this process is complete, you will be asked the questions below. Answer them and proceed to the next step.\"), mdx(\"ol\", null, mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"Enter current password for root (enter for none):\"), mdx(\"ul\", {\n parentName: \"li\"\n }, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Press \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"Enter\"), \", as no password has been set yet.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"You will see the following confirmation message.\")))), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"OK, successfully used password, moving on...\\n\\nSetting the root password ensures that nobody can log into the MariaDB\\nroot user without the proper authorisation.\\n\")), mdx(\"ol\", {\n \"start\": 2\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"Set root password? [Y/n]\"), \" > Press \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"y\"), \" button and after \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"Enter\"), \". Type \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"y\"), \" and press \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"Enter\"), \" to set a password for the MariaDB root user.\"), mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"New password:\"), \" >\", mdx(\"ul\", {\n parentName: \"li\"\n }, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Enter a secure password for the MariaDB root user.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Note\"), \": You will need this password later in the installation process.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Type the same password as in the previous step and press \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"Enter\"), \".\"))), mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"Re-enter new password:\"), mdx(\"ul\", {\n parentName: \"li\"\n }, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Type the same password as in the previous step and press \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"Enter\"), \".\"))), mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"Remove anonymous users? [Y/n]\"), mdx(\"ul\", {\n parentName: \"li\"\n }, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Type \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"y\"), \" and press \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"Enter\"), \" to remove anonymous database users.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"This enhances security by ensuring only authenticated users can access MariaDB.\"))), mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"Disallow root login remotely? [Y/n]\"), mdx(\"ul\", {\n parentName: \"li\"\n }, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Type \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"y\"), \" and press \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"Enter\"), \" to prevent remote root login.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"This reduces the risk of unauthorized access.\"))), mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"Remove test database and access to it? [Y/n]\"), mdx(\"ul\", {\n parentName: \"li\"\n }, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Type \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"y\"), \" and press \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"Enter\"), \" to delete the default test database.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"This prevents potential security risks from an unused database.\"))), mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"Reload privilege tables now? [Y/n]\"), mdx(\"ul\", {\n parentName: \"li\"\n }, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Type \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"y\"), \" and press \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"Enter\"), \" to apply the changes immediately.\")))), mdx(\"p\", null, \"The snippet below provides a view of what you can expect to see in this part of the installation. Note, that for successful installation it is required to set a password for the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"root\"), \" user in MariaDB.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB\\n SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!\\n\\nIn order to log into MariaDB to secure it, we'll need the current\\npassword for the root user. If you've just installed MariaDB, and\\nyou haven't set the root password yet, the password will be blank,\\nso you should just press enter here.\\n\\nEnter current password for root (enter for none):\\nOK, successfully used password, moving on...\\n\\nSetting the root password ensures that nobody can log into the MariaDB\\nroot user without the proper authorisation.\\n\\nSet root password? [Y/n] openiam\\nSet root password? [Y/n] Y\\nNew password:\\nRe-enter new password:\\nPassword updated successfully!\\nReloading privilege tables..\\n ... Success!\\n\\n\\nBy default, a MariaDB installation has an anonymous user, allowing anyone\\nto log into MariaDB without having to have a user account created for\\nthem. This is intended only for testing, and to make the installation\\ngo a bit smoother. You should remove them before moving into a\\nproduction environment.\\n\\nRemove anonymous users? [Y/n] y\\n ... Success!\\n\\nNormally, root should only be allowed to connect from 'localhost'. This\\nensures that someone cannot guess at the root password from the network.\\n\\nDisallow root login remotely? [Y/n] y\\n ... Success!\\n\\nBy default, MariaDB comes with a database named 'test' that anyone can\\naccess. This is also intended only for testing, and should be removed\\nbefore moving into a production environment.\\n\\nRemove test database and access to it? [Y/n] y\\n - Dropping test database...\\n ... Success!\\n - Removing privileges on test database...\\n ... Success!\\n\\nReloading the privilege tables will ensure that all changes made so far\\nwill take effect immediately.\\n\\nReload privilege tables now? [Y/n] y\\n ... Success!\\n\\nCleaning up...\\n\\nAll done! If you've completed all of the above steps, your MariaDB\\ninstallation should now be secure.\\n\\nThanks for using MariaDB!\\n\\n\")), mdx(\"p\", null, \"After MariaDB has been installed, the installer will move forward to a variety of infrastructure services such as the Vault, Redis, RabbitMQ and Cassandra, which is the storage for the graph database used in OpenIAM. This process will take 4-5 min.\"), mdx(\"p\", null, \"The snippet below, which follow the installation of MariaDB, shows a certificate being generated and the vault being initialized.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"Certificate request self-signature ok\\nsubject=C=US, ST=NY, L=NY, O=OPENIAM, OU=PRODUCTION, CN=localhost\\nWarning: -clcerts option ignored with -export\\nwriting RSA key\\nWarning: use -cacerts option to access cacerts keystore\\nCertificate was added to keystore\\n[Storing /usr/local/openiam/jdk/lib/security/cacerts]\\nStarting consul...\\nStarting vault...\\nCommand flags must be provided before positional arguments. The followingarguments will not be parsed as flags:\\n\")), mdx(\"p\", null, \"The installer will ask several questions during the initialization process. For most questions, a default value has been provided to simplify the effort for users new to OpenIAM. The sections which requires input from the installer are marked with the following message in the console:\"), mdx(\"span\", {\n style: {\n \"color\": \"#ff0000ff\",\n \"fontWeight\": \"bold\"\n }\n }, \"=============== CRITICAL SECTION ===============\"), mdx(\"h3\", null, \"Defining database and infrastructure components credentials\"), mdx(\"p\", null, \"OpenIAM has three schemas which are created by default: \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"openiam\"), \", \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"activiti\"), \" and \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"groovy\"), \". The \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"openiam\"), \" schema is the primary schema used by the platform and it stores a variety of information ranging from policies to user profile information and more. \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"activiti\"), \" is used to store information about workflows and their execution. The first set of questions raised by the installer are related to the creation of database users for each schema. Each question and its intent are listed below. \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"Groovy\"), \" script metadata, including file details, versioning, and last modified timestamp, is managed in the database to support controlled updates and audit tracking. \"), mdx(\"table\", null, mdx(\"thead\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"thead\"\n }, mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Question raised by the installer\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": null\n }, \"Explanation\"))), mdx(\"tbody\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Set OpenIAM username for schema \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"openiam\"), \", default: \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"idmuser\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"This is the DB username that will be used to manage the \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"openiam\"), \" OpenIAM schema. This is the primary schema in the solution data related to OpenIAM are stored. Users will be used by the OpenIAM application to communicate with the database. The default value is \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"idmuser\"), \".\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Set OpenIAM password for schema \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"openiam\"), \", default: \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"idmuser\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"This is the password that will be used for the username which was provided in the previous step. The default value is: \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"idmuser\"), \".\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Set OpenIAM username for schema \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"activiti\"), \". For MySQL it will be the same as for \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"openiam\"), \", default: \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"activiti\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"This is the DB username that will be used to manage the \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"activiti\"), \" schema. Users will be used by OpenIAM application to communicate with the database. Default value is \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"activiti\"), \".\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Set OpenIAM password for schema \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"activiti\"), \". For MySQL it will be the same as for \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"openiam\"), \", default: \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"activiti\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"This is the password for the user associated with the \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"activiti\"), \" schema. The default value is \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"activiti\"), \".\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Set OpenIAM username for schema \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"groovy\"), \". For MySQL it will be the same as for\\u202F\", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"openiam\"), \", default: \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"groovy\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"This is the DB username that will be used to \", mdx(\"strong\", {\n parentName: \"td\"\n }, \"manage\"), \" the\\u202Fgroovy\\u202Fschema. Users will be used by OpenIAM application to communicate with the database. Default value is\\u202F\", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"groovy\"), \".\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Set OpenIAM password for the \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"groovy\"), \" schema. For MySQL it will be the same as for\\u202F\", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"openiam\"), \", default:\\u202F\", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"groovy\"), \".\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"This is the \", mdx(\"strong\", {\n parentName: \"td\"\n }, \"password\"), \" for the user associated with the\\u202F\", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"groovy\"), \"\\u202Fschema. The default value is\\u202F\", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"groovy\"), \".\")))), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"Database\\nSet OpenIAM username for schema 'openiam' , default: idmuser\\nSet OpenIAM password for schema 'openiam' , default: idmuser\\nSet OpenIAM username for schema 'activiti'., default: activiti\\nSet OpenIAM password for schema 'activiti'., default: activiti\\nSet OpenIAM username for schema 'groovy'., default: groovy\\nSet OpenIAM password for schema 'groovy'., default: groovy\\nSet OpenIAM password for RabbitMQ message broker, default: passwd00\\nSet OpenIAM password for Redis., default: passwd00\\nSet OpenIAM password for REdis Sentinel., default: passwd00\\nUser to Access OpenSearch. If you don't change it on the OS server side, leave it as elastic, default: elastic\\nPassword for elastic to access OpenSearch, default: VlyXHUBDuhgv6BTKjTz7TumtBZL8Zbmu\\nPlease validate information below\\n\\n\")), mdx(\"h3\", null, \"Message broker password\"), mdx(\"p\", null, \"OpenIAM uses RabbitMQ as a message broker. RabbitMQ is the primary transport service used within the OpenIAM application. Services are loosely coupled, and they communicate with each other through the message broker. Cross service communication is encrypted.\"), mdx(\"p\", null, \"The next question raised by the installer is to define a password for RabbitMQ. As seen in the above questions, a default password value is provided for simplicity. For production use, please use a strong password.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"Set OpenIAM password for RabbitMQ message broker, default: passwd00\\n\")), mdx(\"h3\", null, \"Memory cache password\"), mdx(\"p\", null, \"Redis is an in-memory distributed cache that is used by OpenIAM to improve system performance. A variety of objects are temporarily stored in Redis including:\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"End user web session.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Database object cache.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"High level application cache.\")), mdx(\"p\", null, \"As with other components, access to the cache is secured and the next question asks for a password which should be used for Redis.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"Set OpenIAM password for Redis., default: passwd00\\n\")), mdx(\"p\", null, \"If you want to use Redis with TLS select \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"y\"), \", else - select \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"n\"), \" as default parameters and proceed with next steps \"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \" Do you want to enable TLS for Redis? (y/n): n \\n\")), mdx(\"h3\", null, \"OpenSearch credentials\"), mdx(\"p\", null, \"OpenSearch search is used by OpenIAM to enable fast searching of frequently used data. As with the components above, access to OpenSearch is secured through its own set set of credentials. You be prompted for this information as shown below.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"OpenIAM Username to access Opensearch: elastic\\nOpenIAM password for elastic user to access Opensearch: ilm5LjYPAeFWbfLE40dthmEOunN4Cnlz\\n\")), mdx(\"blockquote\", null, mdx(\"blockquote\", {\n parentName: \"blockquote\"\n }, mdx(\"p\", {\n parentName: \"blockquote\"\n }, \"The information requested above is critical for the installation process. Mistakes in these steps can disrupt the installation process. To minimize such issues, you will be asked to review the above answers. If you agree with the information, select \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"Y\"), \". If you need to fix some information, select \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"N\"), \" and the installer will walk you through this process again.\"))), mdx(\"h3\", null, \"Cassandra\"), mdx(\"p\", null, \"After processing the above information, the installer will then install Cassandra. Cassandra is the storage engine for Janus Graph DB. You will see output like the example below during this step.\"), mdx(\"p\", null, \"There might be an error message at several lines in .java files. Ignore this error - since Cassandra takes a little while to start, an error occurs due to this delay. The installer will wait and then proceed with the installation.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"Synchronizing state of cassandra.service with SysV service script with /usr/lib/systemd/systemd-sysv-install.\\nExecuting: /usr/lib/systemd/systemd-sysv-install enable cassandra\\nCreated symlink /etc/systemd/system/default.target.wants/cassandra.service \\u2192 /etc/systemd/system/cassandra.service.\\n0\\nerror: No nodes present in the cluster. Has this node finished starting up?\\n-- StackTrace --\\njava.lang.RuntimeException: No nodes present in the cluster. Has this node finished starting up?\\n\\n...\\n\\nWaiting for cassandra\\n1\\nDatacenter: datacenter1\\n=======================\\nStatus=Up/Down\\n|/ State=Normal/Leaving/Joining/Moving\\n-- Address Load Tokens Owns (effective) Host ID Rack\\nUN 127.0.0.1 73.52 KiB 256 100.0% 5a7c7a99-aeaf-4576-9863-f226a7867ef0 rack1\\n\\nCassandra alive\\nCassandra is ready to use. Continue...\\n\\n\")), mdx(\"p\", null, \"At this point the installer has enough information to complete the installation of: OpenSearch, Redis, and RabbitMQ.\"), mdx(\"h3\", null, \"Initialize Database Schema\"), mdx(\"table\", null, mdx(\"thead\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"thead\"\n }, mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Question raised by the installer\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Explanation\"))), mdx(\"tbody\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Use default value if this is new installation. If you are doing an update, specify your current (before update) version here, like 4.1.11.0, default: \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"0.0.0.0\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"If this install is an upgrade from an existing deployment, then the current version is important as it will determine which scripts need to be applied to upgrade the schema to the current version. If this is a new deployment, you can leave this blank.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"This is the name of the OpenIAM core database. If using MariaDB, this is most likely \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"openiam\"), \", default: \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"openiam\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"This question provides the option to choose the primary database schema. You should leave this blank and let it default to \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"openiam\"), \". This value should only be changed if the scripts have been altered by the customer.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"This is the name of the OpenIAM Activiti database. If using MariaDB, this is most likely \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"activiti\"), \", default: \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"activiti\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"This question provides the option to choose the database schema used by the workflow engine. You should leave this blank and let it default to \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"activiti\"), \". This value should only be changed if the scripts have been altered by the customer.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Possible values: MySQL, Postgres, MSSQL, Oracle. Type of the database that you are going to use with OpenIAM. The RDBMS have to be already installed, default: \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"MySQL\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Select the type of database that you will be using as the OpenIAM product repository. You can leave this blank if you will be using either MariaDB or MySQL. If you are using PostgreSQL, Oracle, or Microsoft SQL Server, enter one of the following values based on your database type: \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"postgres\"), \", \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"oracle\"), \", \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"mssql\"), \".\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"This is the name of the OpenIAM Groovy database. If using MariaDB, this is most likely \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"groovy\"), \", default: \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"groovy\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"This question provides the option to choose the database schema used by OpenIAM. You should leave this blank and let it default to \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"groovy\"), \". This value should only be changed if the scripts have been altered by the customer.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"This is the hostname of where the Groovy database is, default: \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"localhost\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Enter the host or DNS name of the server where the workflow database will be deployed.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"This is the port of where the Groovy database is. If using MariaDB, this is most likely \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"3306\"), \", default: \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"3306\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Enter the port number used by the database server hosting the workflow database.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Do you want to initialize OpenIAM schema and users? Select this if you have not created schema and users in RDBMS yet. Super user (root) password will be required \", \"[y/n]\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"If \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"Y\"), \" then the installer will create schemas in the database and corresponding RDBMS users as well. For Oracle/MSSQL it will generate an SQL script that must be performed manually.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Enter username for super user (for MySQL this is root), default: \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"root\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"The installer needs a super user account or equivalent which has the privileges to create new schemas, users, tables, etc.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Enter password for super user (\", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"sa\"), \" or \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"root\"), \", depending on the DB type), default:\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Enter the password for the account provided in the last step.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Do you use AWS RDS MariaDB? If yes, make sure the RDS DB instance has the parameter \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"log_bin_trust_function_creators = 1\"), \" \", \"[y/n]\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Select \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"N\"), \" if AWS RDS MariaDB is not being used for this deployment.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"This is the hostname of where the OpenIAM core database is, default: \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"localhost\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Enter the host or DNS name of the server where the primary OpenIAM database will be deployed.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"This is the port of where the OpenIAM core database is. If using MariaDB, this is most likely \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"3306\"), \", default: \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"3306\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Enter the port number used by the database server hosting the primary OpenIAM database.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"This is the hostname of where the Activiti database is, default: \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"localhost\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Enter the host or DNS name of the server where the workflow database will be deployed.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"This is the port of where the Activiti database is. If using MariaDB, this is most likely \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"3306\"), \", default: \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"3306\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Enter the port number used by the database server hosting the workflow database.\")))), mdx(\"p\", null, \"Once the questions have been answered, the installer will provide a summary of the questions and answers. Please review before proceeding. An example of this is shown below.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"Please validate information below \\n--------------------------------- \\nFLYWAY_BASELINE_VERSION=2.3.0.0 \\nFLYWAY_OPENIAM_DATABASE_NAME=openiam \\nFLYWAY_ACTIVITI_DATABASE_NAME=activiti \\nFLYWAY_OPENIAM_HOST=localhost \\nFLYWAY_OPENIAM_PORT=3306 \\nFLYWAY_ACTIVITI_HOST=localhost \\nFLYWAY_ACTIVITI_PORT=3306 \\nFLYWAY_GROOVY_HOST=localhost \\nFLYWAY_GROOVY_PORT=3306 \\nFLYWAY_DATABASE_TYPE=mysql \\nDatabase will be initialized=Y \\nRoot (Db admin) user name=root \\nRoot (Db admin) user password=passwd00 \\nPlease validate your input above, if your are OK with that enter 'y'. To repeat an information collecting procedure enter 'n' :y \\n\")), mdx(\"p\", null, \"If you need to correct any answer, please enter \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"N\"), \".\"), mdx(\"p\", null, \"Once you select \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"Y\"), \", the installer will generate the database schema. Internally, this step is handled by a component called \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"Flyway\"), \". Flyway is a database schema management and versioning utility. It's used to generate the schema as well as upgrade from one version to another.\"), mdx(\"h3\", null, \"Install reverse proxy\"), mdx(\"p\", null, \"Next, the installer will ask you if you want to install the reverse proxy. The reverse proxy is an Apache web server plugin which has been purpose built for use with the OpenIAM stack and address specific use cases. \", mdx(\"em\", {\n parentName: \"p\"\n }, \"In virtually all\"), \" cases, you will want to install the rProxy. The exceptions can arise based on your deployment architecture. The rProxy can co-exist with other infrastructure components such as an F5. Enter \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"y\"), \" for the question below\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"Do you want to install OpenIAM reverse proxy module? [y/n]:\\n\")), mdx(\"p\", null, \"After, the system may ask whether you want to update httpd software. httpd is an Apache webserver used to host websites and applications, as well as process and provide response to requests. Enter \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"y\"), \" for the question below and proceed with installation.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"Do you want to update httpd to 2.4.57 ? [y/n]:\\n\")), mdx(\"p\", null, \"The OpenIAM RPM installer will continue with initialization and apply the SQL scripts which are required for successful startup. The OpenIAM services will automatically run the application stack after successful initialization and will show you the current stack status. Usually, startup takes around 10-15 minutes. You can view the status of the system as it's coming up using the command line tools described below in \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"OpenIAM components and Status\"), \".\"), mdx(\"p\", null, \"Please, ignore the\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"HTTP request sent, awaiting response... 404 Not Found\\n2023-11-09 21:04:58 ERROR 404: Not Found.\\n\")), mdx(\"p\", null, \"line. At this point the installation is completed.\"), mdx(\"div\", {\n style: {\n \"border\": \"1px solid #169998\",\n \"marginTop\": \"15px\",\n \"marginBottom\": \"15px\",\n \"paddingTop\": \"10px\",\n \"paddingBottom\": \"10px\",\n \"paddingLeft\": \"5px\",\n \"paddingRight\": \"5px\"\n }\n }, mdx(\"span\", {\n style: {\n \"color\": \"#169998\",\n \"fontWeight\": \"bold\"\n }\n }, \"Note\"), \" that if \", mdx(\"span\", {\n style: {\n \"fontWeight\": \"bold\"\n }\n }, \"system logo rpm\"), \" is installed, ignore the error conflict related with logo rpm installation.\"), mdx(\"h3\", null, \"Install Prometheus and Grafana stack for monitoring\"), mdx(\"p\", null, \"For monitoring OpenIAM infrastructure components and application services select \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"y\"), \" to install in the Linux server. \"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"Do you want to install Prometheus+Grafana stack for monitoring? [y/n]:y \\n\")), mdx(\"p\", null, \"In the last part of \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"initiation script\"), \", \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"nginx\"), \" will be installed and \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"nginx\"), \" health check will wait for OpenIAM all services to come up. \"), mdx(\"p\", null, \"Please use \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"openiam-cli status monitor\"), \" command for \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"all\"), \" services from \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"other console\"), \". \"), mdx(\"h3\", null, \"Check the startup process\"), mdx(\"p\", null, \"The containers may take 8 to 15 minutes (depending on your environment) to start up completely. You can watch the startup process using the command below. \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Note\"), \" that the UI container will take some time and be among the last to start up as it has dependencies on other components being up first.\"), mdx(\"h3\", null, \"Monitor the startup process\"), mdx(\"p\", null, \"To check if the services have started, you can use the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"openiam-cli\"), \" utility as shown in the example below:\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"openiam-cli status\\n\")), mdx(\"p\", null, \"You will see output like the example below:\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"Openiam Status report \\n[OK] - openiam-esb - Service working. Application status: [ UP ] \\n[OK] - workflow - Service working. Application status: [ UP ] \\n[OK] - groovy-manager - Service working. Application status: [ UP ] \\n[OK] - idm - Service working. Application status: [ UP ] \\n[OK] - reconciliation - Service working. Application status: [ UP ] \\n[OK] - email-manager - Service working. Application status: [ UP ] \\n[OK] - auth-manager - Service working. Application status: [ UP ] \\n[OK] - business-rule-manager - Service working. Application status: [ UP ] \\n[OK] - device-manager - Service working. Application status: [ UP ] \\n[OK] - synchronization - Service working. Application status: [ UP ] \\n[OK] - openiam-webconsole - Service working. Application status: [ UP ] \\n[OK] - openiam-idp - Service working. Application status: [ UP ] \\n[OK] - openiam-selfservice - Service working. Application status: [ UP ] \\n[OK] - openiam-ui-static - Service working. Application status: [ UP ] \\n[OK] - openiam-selfservice-ext - Service working. Application status: [ UP ] \\n[OK] - openiam-reportviewer - Service working. Application status: [ UP ] \\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Verify\"), \" \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"nginx\"), \" services with the following command.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \" systemctl status nginx \\n\")), mdx(\"p\", null, \"For any issue in service restart check respective application logs and for infrastructure check \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"journalctl\"), \" logs.\\nThe directory for OpenIAM logs is as follows.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"cd /usr/local/openiam/logs and cd /usr/local/openiam/ui/logs/\\n\")), mdx(\"p\", null, \"For infrastructure logs \"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \" check in /var/logs or journalctl -u \\n\")), mdx(\"h3\", null, \"Validate the startup\"), mdx(\"p\", null, \"You can use the curl command below to validate whether the UI is up.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"curl -k -I -L http://127.0.0.1/idp/login\\n\")), mdx(\"p\", null, \"You should see output like the example below\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"HTTP/1.1 200\\nDate: Fri, 21 Feb 2025 21:49:04 GMT\\nServer: Apache/2.4.61 (Red Hat Enterprise Linux) OpenSSL/3.2.2\\nReport-To: { \\\"group\\\": \\\"csp-endpoint\\\", \\\"max_age\\\": 10886400, \\\"endpoints\\\": [ { \\\"url\\\": \\\"http://127.0.0.1/selfservice/csp/report\\\" } ] }\\nContent-Security-Policy: default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' apis.google.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' *; form-action 'self' 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data: https://chart.googleapis.com; font-src 'self' *; report-uri /selfservice/csp/report; report-to csp-endpoint\\nAccess-Control-Allow-Origin: *\\nX-Frame-Options: sameorigin\\nX-Content-Type-Options: nosniff\\nX-XSS-Protection: 1; mode=block\\nCache-Control: no-cache\\nPragma: no-cache\\nExpires: Wed, 31 Dec 1969 23:59:59 GMT\\nX-UA-Compatible: IE=EmulateIE10\\nx-openiam-force-auth: false\\nx-openiam-login-uri: /idp/login\\nContent-Type: text/html;charset=UTF-8\\nContent-Language: en-US\\nContent-Length: 4970\\nSet-Cookie: SESSION=OWJiZDkwMTMtMDNmZC00NThmLWI5ZWEtYTljYzE4N2VhMTZh; Path=/; HttpOnly; SameSite=Lax\\nVary: Accept-Encoding\\n\")), mdx(\"p\", null, \"The http 200 indicates that the application is up and running and you can login.\"), mdx(\"h1\", null, \"First time login\"), mdx(\"p\", null, \"The final validation of our deployment is to be able to login to the OpenIAM web applications. To do this, you must first find the IP address of our VM.\"), mdx(\"p\", null, \"Next open your browser (preferably Chrome or Firefox), and hit:\"), mdx(\"p\", null, mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"http://[ip address of your installation ]/webconsole\")), mdx(\"p\", null, \"Use the following credentials for the first time login:\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"Username: sysadmin\\nPassword: passwd00\\n\")), mdx(\"p\", null, \"Enter the username on the field shown below and click \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"Next\")), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"418px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/1b5d4df81e29060c7801f9535bda6b18/d7398/first-timelogin.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"111.58301158301158%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAWCAYAAADAQbwGAAAACXBIWXMAAAsTAAALEwEAmpwYAAADL0lEQVQ4y6WUz2scZRjH9z/QP6AWr4oePOlFhNKTV28evHgTUaSK4KEFabUoKFga223aajRRBOkhiKZURZQaDdskzWZ3000gMSntzs7Or3d+zzvzkWc2u9m1iUR84LvPzPd9nu9+35n3mYrpBBi2j+sn3Kq3+eKzadbam8wvNqivbbKw3GKxscGNX37nh7kfuXxlitnv5qhWrzIxUWWhdhsv0hiWQrQqpaClUGHG9V9rXH7/PS5+eoUPLnzNyQ8needsler0LB9NTHHq5Lu8eeJtzpw+y6uvvMYbr5/gj4UlVJyPC3Ztn54b0Ol5/DS/zM1ag2tz86y2t1lubrGxbdDa2OG3m3/y112D2mKdpZUmy/UWO/dMem5YagwFB6KSVZhiq5j7pocbJNgqwvLCkpOtWV6EG6QlnCAdE5NckZ8BDMun01ND+5JHITsYuy/zXn/pMIgS0kyTpBqdF2Q6J9MF6W6We+H7a6PIh5z0iobthVTkRiLLMgzDQCmFbdso5eG6Lp7nYXa7mKaJZVlDSJ1wjm0zCFeVgllfUGvCMCRJEqIoIo7jPpKk5IUbQPgkSYd8nucURYEjgnGSkWuN1rokD4uBiEB6RaN0mGYZfpDSWd+ma3TY3NoqHfyXSNMUnWV7W5Z/01nfpTxLrfOSOyxKh/muwyjOsJ2YnhVh2RG9XRhmeGjcNwIcN8YLIiquHFiV8n+jZ8d4fkhF+QlGN0KpFNdLHoAzgv3WxYzssNMNUeIwTjNcP8ZyQmw3GsJyI3pOiKdilN9Hnw/HaiSbTkgQpX2Hcmwk9D+2kAPFfm90n5pBr6MCKjJCs9//zMfnP2di8ivOX5rZQ3WGc9UZJqe+5cLVbzhXnR7yJS7NlD3SW1taJUo1lbyAF19+i4ePPsPRJ45z5PFjY3j0yeM89/xLPPXsCxx57NgD69Lz0CNP88nFL0uXFRnqnbv3WG22ad3ZoLm2h5XmOourd7i10mKpvsbtRptGa32sRnqkt2c5qCDuv5SDIilATpSbFvgZeGnxr0enfIYyKYN5lAkZRX9ec4rdiShGJmO8Vpd15cfBdHxMWx2I7gHX+0E+un8Dho9QjLJzmVUAAAAASUVORK5CYII=')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"OpenIAM Login page\",\n \"title\": \"OpenIAM Login page\",\n \"src\": \"/docs-2026.5.1/static/1b5d4df81e29060c7801f9535bda6b18/d7398/first-timelogin.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/1b5d4df81e29060c7801f9535bda6b18/a2ead/first-timelogin.png 259w\", \"/docs-2026.5.1/static/1b5d4df81e29060c7801f9535bda6b18/d7398/first-timelogin.png 418w\"],\n \"sizes\": \"(max-width: 418px) 100vw, 418px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \"), \".\"), mdx(\"p\", null, \"The authentication process is spread over two screens. You will be asked to enter the password on the screen below.\"), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"434px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/d60bd0e0c6be1f34598a34138fbea24f/ade6e/first-login-2.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"116.98841698841697%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAXCAYAAAALHW+jAAAACXBIWXMAAAsTAAALEwEAmpwYAAADT0lEQVQ4y42VS28cRRDH50tw4RwkDpw55RBx4ZA7Vz5AEMdECJEDUiSuiUiIIpS1vI6NFcdIdgKxIpIIEYmAnVyM46x315aJdz07nmdPP+fxR9WzY3vMOtDST/2q+ndVq3rGOYg4vDAF9fshx/WrN/Fo7g6mFh6i9cN9fNu6h9b8A9xqL+LqtRv46svLuHLlG1y6+AU+u/A5Hj/9DcIAoyCxGk4tSPixxPLPTzB35y6+ay/j9vxDzCz+gp+e/IlHv67hxs3bWPxxCdPtObSm2mi12vhrs4eIG4wCdiRYQYIcB7GAFwu86g0w8GJEqYYXcoSJhB8LMJkjZMoSc3PoW+s4FNmoJqigtSARtqeTac+lPkjh+km1FrBq7Zg/2Tt+xMG4AhNj+BihwVUGLk0DoTKk0hzZjW2ppwydMBGY1LLMgDEGKSWkEBbOuV0zWk/wKBGQIKVWlmVFUaIoCjtWSiGKIitAxHFs5wQdYiVqvzFBHWGe5yjKAkVZHhrWwpOgPfI5SZCMIyQhby9AOBhi980beJ43MYKak01rjSzLECZ1hEUBow0yrSGkhDHmVLFJNCKk+qIJ3YvS2p5Gl5+m6f9CCGF9KAgKzglZFVGv18P6+jo2Njawt7eH4XD4VgaDAUajETqdDlZWVqxwxI4Jbm9v281ut2uN/0uQcF0XOzs7WF1dtVlVgom0F6qktKETdFoNGZ4GpazHNUl9lbItm8LWHVGL1nO637c1qs9et2fHQZwe1aEQ3G5SESdJcljEJFrX3nHqgyjttbU1O/ZrwSzPobMcWVEiywsL1SZhxxPEtDE2E5pXT7VRhyWEzpGqDNLkUCZHwDUGkYAwzZQnFXbd/CiFk6QSHpOY/WMHCy92sfjyb0z/3kfHTf71WuqnOXQ9fD99DzPzy5hdeIBbU3exudW3XyFHSo2Xuz4++Po+Pr72GOevP8V7l5cw+7xfpZIXjRdB7dnzF3j3/XP48KNPcO78p3jnzFnMzC+BknciJu399d0InWGArWGI7n4IJvWpqSmlsdXdxmanh1evu3i91UfCUsSphEMfRSE18ixrIJVGKhT4CWhNKI28BIpjSGXghaz6Bbg+w/AgabDvJ/YTT3sN7BrZxA3Inn4B/wCihMLDPyYkagAAAABJRU5ErkJggg==')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Change password\",\n \"title\": \"Change password\",\n \"src\": \"/docs-2026.5.1/static/d60bd0e0c6be1f34598a34138fbea24f/ade6e/first-login-2.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/d60bd0e0c6be1f34598a34138fbea24f/a2ead/first-login-2.png 259w\", \"/docs-2026.5.1/static/d60bd0e0c6be1f34598a34138fbea24f/ade6e/first-login-2.png 434w\"],\n \"sizes\": \"(max-width: 434px) 100vw, 434px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"p\", null, \"The next screen will force you to change the default password. As you enter your new password, you will see the password policy on the side. Your password must align with this policy. You will be able to change both the password and the policy later.\"), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"428px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/b925a5c34ab913386d7545023d8dd01a/47730/change-password.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"132.81853281853282%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAbCAYAAAB836/YAAAACXBIWXMAAAsTAAALEwEAmpwYAAADPElEQVRIx5WVa08TQRSG+//8GfpFf4Ga+EETYiASlYjXqOANEm+gJAgokRCxhkhCIkkBU2ipvWzb3e51Zm99zZnd2U5rG+IkT87szszpOe85s821Oi6IpuHAsBgOyw0cnmjw/Bim68NhIWwWinlVM1Ajmh2Uq03xfFJrom164jz5yUlnuunhROvgzu172Fpdw8f1PJbXv2NxZRNLn7fwZukLZp/PY3r6Aaam7mJ8/AauXR3D05kXCLpAo23967BUN/D44Qzmn8zg+vQr3Hr0Gjfuz2P2zQpevlvD2PVJ3Lw5hfHxSUxMTOLypStY/LAMLxhwmKVsM/w+0bBfquFr/hcKxRoqDQOlahv1loXDo4o4+Keh46hcQ7Who6rp2XnhkCYSjSK1PHRsLqxuMRE5QZsNmwtLmtEa2VaqnySXbJB4iZXvOgrq+1FQhKbD0O12EccJURT1iGNEUdyzGRHCFFqjc+TDYz5ylsMhB700TRO6rqPRaAgrabfbAsMw+p59v3fe4z5FyFNnPacERdFqtQSaponDZIkgCLK9qu1zKMOWxHGaWhj2Qc5oTe4h+iK0PR+MMVQqlYxarSao1+sjUfcUCgUROQ/CxKHrutjd3cXOzo6wx8fHKJfLKJVKp0IBLCws4OBgH2HURc52ffi+j2azmQk9COk4ao2gItm2DcaDRMNuN870GIaq17C1pDCxLAoTC/QLlmXBcZxsTlAbkaV3sgCycHKsrq6Kc0JDipA2DlaTUKtM81FRUs9S9UXK1pCU1daRz8NaSP6QjFrcFJkyVZrSIitTlOkTdFDtU5V8/gc8zwX3w55DqjTnvM+qczXyQX7t7YEzBubLlNNbMUojWiONRpFVWU2ZovA8Bsa5gKfQLVJ1GoQGXQQ6n/YhExH6nMN1bDDPFZCWpCHpSeIPDvXDsLGxIfYLDa20baiHPD+BB1Hfx0KmPYq+xo7DEOuFOs5Mf8WFuW2cn9sW8097f8TGMEqama4XpUb3l6xKsVgUV1AUJQxC5Isazs5+w+X3O7j49ifOPdvC5mFdOIrS20E3Rn5hBqlWqzA7ncQhaagok6Lq1O19fU8Zosr0x6KbDtpD0P+TlmHjL6mBAHP5Ihi1AAAAAElFTkSuQmCC')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Change password\",\n \"title\": \"Change password\",\n \"src\": \"/docs-2026.5.1/static/b925a5c34ab913386d7545023d8dd01a/47730/change-password.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/b925a5c34ab913386d7545023d8dd01a/a2ead/change-password.png 259w\", \"/docs-2026.5.1/static/b925a5c34ab913386d7545023d8dd01a/47730/change-password.png 428w\"],\n \"sizes\": \"(max-width: 428px) 100vw, 428px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"p\", null, \"The next step is to define a content provider using the screen shown below. A \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"Content provider\"), \" is an alias which represents a domain. Associated with the content provider can be UI themes, authentication policies, etc. You can read more on Content Provider in \", mdx(\"a\", {\n parentName: \"p\",\n \"href\": \"../../../admin/3-authz/11-contentprovider\"\n }, \"this\"), \" document. The table below describes the fields on this screen.\"), mdx(\"table\", null, mdx(\"thead\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"thead\"\n }, mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Name\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Description\"))), mdx(\"tbody\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Content Provider Name\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"You can think of a content provider as an \\u201Calias\\u201D which represents a domain. This is described in more detail in the OpenIAM documentation. For this setup, please enter a value such as : Default CP\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Domain Pattern\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"This value is defaulted in. It should be the IP address or host DNS name of the instance where OpenIAM has been installed\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Application supports SSL?\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"This configuration determines if the OpenIAM application will be accessed over HTTP or HTTPS. Unless you have already configured the certificate, select \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"Support on HTTP\"), \". You will be able to update this configuration later.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Application servers\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"This is the location of the OpenIAM service layer which the UI and rProxy need to communicate with. In most cases, the default value will be correct since each of these components will be deployed on the same host. However, this configuration provides flexibility to have the UI and service layer on separate hosts.\")))), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"762px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/095f552f0fc14a81d6bcec8be3692470/a016c/content-provider-rpm.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"115.05791505791505%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAXCAYAAAALHW+jAAAACXBIWXMAAAsTAAALEwEAmpwYAAAC1UlEQVQ4y62U30tUQRTH73/SW08ZlUGU1NZj0YNZpGRmkD+wHxAU9KBJ5YP1ZA+BiGhiYFIUKppKPRUaRoSbqERb6+667G7mevf+vnN/fOPM3b27+aNaaeDDmTMz9zvnnjkzwr4jFSgNnEZp4Az2H82z93AFSg6VY3fZqQLW+3loLSHE4kkkkj8QXopiKbrM7fdwFOFIzPcj0WXej8TiXj8S89YXWNKIJ1IQxIyC4HwIwfmvPnMLIXxeCHk2688ten5ujsbJBv35b0itpCH0Ph3FzoOVKDvZiAPH6zklgRrsCpxHSQHr/UL2HKvFjtIKtLR3QaBdOvtG0Dc4iZ6BV+gdGEdX/2hRdD8Zw6OeIbx9PwvBtgHLcvA/GmkJhsmQTK0hnljBalpGRtKLRpI9q2kmRWhD13WI4hpUVVm3p1sUtm1BsCyLCxqGAU2jXTQO+Y7jFAUFxwUVRUEmk+FIkgRRFLl1XbeoHJIoF1QVhUdFkZK4aZqg8Zwg2b/hHYoNgTELoigjnU77EdJO/ypUCBc0mY30GuUtH+V2m//LjJkwGeMwsqa5LehbYWTiHcov3ELt1TZUN91BZf1tnK1rKYqqhlacOHcTnY9fQhh7PYWqxlY03HiAS9fbUXPlHqqb7qL68hY0bfQvXmtDZV0zuvqH8mWjKCpHVf8M5bnQN3QNybSEYGQVLhU2nYymqVyUbkruYDaFxBQJuqr6Y6ahIy2pCKckOCRIJ0M7UTHLsuzX32bQGyIZudr0yspxc1ePHhk7G6GuQ1a8KOmkcjWYv9LZvpKA+2UcyodpuJblryMNy7ZBNS1wdYcBTIeqyFycZcvHh0rCdsHEZZiLExBnpmHqGp+zLPZbLQqLiTU8+xjGyGwUPyWN58E02UZRlhWlKwZkxSyerhfDk+gfHMb0zCcIU6EU2sfn0PFmAQlR8x+tLZvr5FMAQNcN3O/oRnPbQzwfmsAveDRO7bsF94gAAAAASUVORK5CYII=')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Define initial content provider\",\n \"title\": \"Define initial content provider\",\n \"src\": \"/docs-2026.5.1/static/095f552f0fc14a81d6bcec8be3692470/a016c/content-provider-rpm.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/095f552f0fc14a81d6bcec8be3692470/a2ead/content-provider-rpm.png 259w\", \"/docs-2026.5.1/static/095f552f0fc14a81d6bcec8be3692470/6b9fd/content-provider-rpm.png 518w\", \"/docs-2026.5.1/static/095f552f0fc14a81d6bcec8be3692470/a016c/content-provider-rpm.png 762w\"],\n \"sizes\": \"(max-width: 762px) 100vw, 762px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"p\", null, \"After setting up the content provider, you will be taken to the challenge questions page. These questions will be used to reset your admin account in case you have locked yourself out. Please make a note of your answers.\"), mdx(\"div\", {\n style: {\n \"border\": \"1px solid #169998\",\n \"marginTop\": \"15px\",\n \"marginBottom\": \"15px\",\n \"paddingTop\": \"10px\",\n \"paddingBottom\": \"10px\",\n \"paddingLeft\": \"5px\",\n \"paddingRight\": \"5px\"\n }\n }, mdx(\"span\", {\n style: {\n \"color\": \"#169998\",\n \"fontWeight\": \"bold\"\n }\n }, \"Note:\"), \" You will be able to update your password policy later. At that time you can decide if you want to use challenge questions and/or some other method.\"), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"764px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/cb10e4db7d02acc67789c78edfece801/f3c12/challengequestions.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"116.98841698841697%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAXCAYAAAALHW+jAAAACXBIWXMAAAsTAAALEwEAmpwYAAABqklEQVQ4y6WUPU/DMBCG8/+XDvyDDh2AIlWwMXVBoApaRKFSly4MqITmy3G+86LXcFFSUqhFpEeOnbs357uzHdeP0ebdU/DjHI/LNcanF5hc3+DsaorR2SWGwxEGgxOcjycIdYHtLsK+v0OBNltPmQ+vbx+YLVaY3i0xf9ng4WmN+8UzbmdzrNYbuIHGdtf1Jc4u1PBIlMALBY1ApYizCjorv+F7jaQAVFJ8+YRdH+IAQJZlUEohjuMGpWIEQQDf980YhmEzRlHUseWcGnycuq5RVRWKokBZlgbOkyRpnCnEkXOitW5s21DLyfPcGKRp2oF/tIEB0K8RJFzkFrjGKPui6ENs6W8EKSKiEi3Xj4URMi2NoEQn0IA5PRZqMLdGMOsRtBH7IdjOocA1W0G2lxHkglRVRn7Y/8lvSJoo3MkhBSXCYyss0Ke3yny3rbJU+mCVbfpQTpnned0qywlp58PmpHBnjWD7oBPb/DFC13VNYJ0qC/vn+i/aHWIEpcL/xQhyy7wLCUPmyA+2l0PTNhRMtLa+rg4Wpe/o2UbYaZu8p8o2bSN2cjl8AvGq+h0PG0xkAAAAAElFTkSuQmCC')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Challenge questions\",\n \"title\": \"Challenge questions\",\n \"src\": \"/docs-2026.5.1/static/cb10e4db7d02acc67789c78edfece801/f3c12/challengequestions.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/cb10e4db7d02acc67789c78edfece801/a2ead/challengequestions.png 259w\", \"/docs-2026.5.1/static/cb10e4db7d02acc67789c78edfece801/6b9fd/challengequestions.png 518w\", \"/docs-2026.5.1/static/cb10e4db7d02acc67789c78edfece801/f3c12/challengequestions.png 764w\"],\n \"sizes\": \"(max-width: 764px) 100vw, 764px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"p\", null, \"After completing the above steps, you will be taken to the admin console landing page shown below. Give the system about 5 min to refresh the internal cache and then you can proceed to configure your solution.\"), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"360px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/660795e3721a67546447d34dd251f0e4/f21e7/landing-page.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"38.22393822393822%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAICAYAAAD5nd/tAAAACXBIWXMAAAsTAAALEwEAmpwYAAABUUlEQVQoz51Q20oCURSdr6mU8MVbEBYEUo0XfLF0LIMgFSFQ6imloG/qD/oHv8HyNmdmdG7nzIqzx8awnjqw2OvsvVisvZXcWQPxbAmJoyoy+SaOyx1kT2+ROtGQy1eRzFWwly4gliliJ6kiJnm6QDyeKRJ2UyoShxXsH5SgaJ0hLu6eoGp93Ny/otF9Jn7VfUG9PYSq9XDZGpDmvN5DvTNErT0gXmsN1po+ys1HlK4foFhsDtsyMP0Yg80mWJkMK0MPITn91zC3YDAsf+gkV2ZsCd2y4fkcnueBC4H/PhEEUD4XJma6BdfzyNB1XapCiF8IguDPfjgT4JxDmSxMzI0lGTHGIoHjOCSQ8HmYWtd12LZNXFbaiOY80pKhXFs2fd+PDL/FQgQQ3gq2xWA7LiWRSTfzTcofhlZ0OyneQIC60xFG728YT1l4q/X62+Bc4AuYbSPXSLA5nwAAAABJRU5ErkJggg==')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Webconsole landing page\",\n \"title\": \"Webconsole landing page\",\n \"src\": \"/docs-2026.5.1/static/660795e3721a67546447d34dd251f0e4/f21e7/landing-page.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/660795e3721a67546447d34dd251f0e4/a2ead/landing-page.png 259w\", \"/docs-2026.5.1/static/660795e3721a67546447d34dd251f0e4/f21e7/landing-page.png 360w\"],\n \"sizes\": \"(max-width: 360px) 100vw, 360px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"h2\", null, \"Grafana and Prometheus access\"), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Verify\"), \" if the following ports are open inside server, if using firewall locally or allow all below ports in external firewall/security group. \"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \" firewall-cmd --add-port=3000/tcp --add-port=9090/tcp --add-port=9100/tcp --permanent \\n firewall-cmd --reload \\n\\nss -tulnp | grep grafana \\nss -tulnp | grep prometheus \\n\")), mdx(\"p\", null, \"Verify \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"node-exporter metrics\"), \" with the following command.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"curl http://localhost:9100/metrics \\n\")), mdx(\"h3\", null, \"For Grafana access from outside using public IP\"), mdx(\"p\", null, \"For Grafana access, default user will be \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"admin\"), \" and password will be \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"admin\"), \".\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"http://:3000 \\n\")), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"1035px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/f6b7314b0026062eee031395258fccc8/75b1f/1-rpm-with-internet-02-grafana-dashboard.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"40.54054054054054%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAICAYAAAD5nd/tAAAACXBIWXMAABYlAAAWJQFJUiTwAAABfElEQVQoz2WRSW/bMBCF9RsaWwsXiaRoihIlS5HjJXGWW4H00iTXXIqivfX/X1/BsVKg7eHDE4fDN49Ucn+Ycbw9Y7c/Yrc/4HR7xunuHtN8g2G8Rui36P5ioFo/jPBtgPcBvu0xbgeE0ysSWSoUQuMqZQuc1mYTYDYdcq5wlXGscoE1IbEuJNJCYpWJBU6aFwyJa3r4MEGZBlJZMKlRaodumBGGGdYFyMrSnigNclYi+4ePGpMGyTztMEwH2KaHtp4O5rwCFwaMKzCuUWmHnFVIY8KME6uUIxeajNKYcs3waVUgkXoDXfvLRiHJrBAKqm5hXQ9RWVS1p9RSbSBJHa2vwwhlHErl6BairJGoukHtAqWIptEsamzoxxuEYUfpYz0Oi2SLfhmPcHaLdSH+XD/5aKLG+B6LMqHJKBJ/Thwav127RWUuw8vpDe3jL5jzO7rnH+iefyL574EXQ1HVlPDCngxV7Ulr14EJBfv4Df7pO9T0Gc3DVzQPL/gNj2biS3Wb/ssAAAAASUVORK5CYII=')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Grafana dashboard\",\n \"title\": \"Grafana dashboard\",\n \"src\": \"/docs-2026.5.1/static/f6b7314b0026062eee031395258fccc8/e3189/1-rpm-with-internet-02-grafana-dashboard.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/f6b7314b0026062eee031395258fccc8/a2ead/1-rpm-with-internet-02-grafana-dashboard.png 259w\", \"/docs-2026.5.1/static/f6b7314b0026062eee031395258fccc8/6b9fd/1-rpm-with-internet-02-grafana-dashboard.png 518w\", \"/docs-2026.5.1/static/f6b7314b0026062eee031395258fccc8/e3189/1-rpm-with-internet-02-grafana-dashboard.png 1035w\", \"/docs-2026.5.1/static/f6b7314b0026062eee031395258fccc8/44d59/1-rpm-with-internet-02-grafana-dashboard.png 1553w\", \"/docs-2026.5.1/static/f6b7314b0026062eee031395258fccc8/75b1f/1-rpm-with-internet-02-grafana-dashboard.png 1699w\"],\n \"sizes\": \"(max-width: 1035px) 100vw, 1035px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"h3\", null, \"For external Prometheus access\"), mdx(\"p\", null, \"Change \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"web.listen-address\"), \" from 1\", mdx(\"strong\", {\n parentName: \"p\"\n }, \"27.0.0.1\"), \" to \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"0.0.0.0\"), \" in below service file.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"vi /etc/systemd/system/prometheus.service\\n\")), mdx(\"p\", null, \"Now, reload and restart Prometheus using the commands bellow.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"systemctl daemon-reexec\\nsystemctl daemon-reload\\nsystemctl restart Prometheus\\n\")), mdx(\"p\", null, \"Try to access using the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"http://:9090\"), \" URL.\"), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"1035px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/7bece3ea03bb0ad9fe002df3e130a114/9de76/1-rpm-with-internet-03-Prometheus.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"61.38996138996139%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAMCAYAAABiDJ37AAAACXBIWXMAABYlAAAWJQFJUiTwAAABmElEQVQoz3VS60oCURDeVwqKblAUmphpl7/lq5QQBJKhhKaJ0QWhB0h6GPEB1GV1L+rq7tnzxZz12K6uAx97zs7MNzPfHCWRyiCezCCZvsJxIiWQOLtALJlGPHGK3ZNLbGZz2Lq5xXb2DhvXOezEzrF/cIS9w9gKlMZHE7W3L1QbnyhV6iiWX1Gpv6NYqeOl1kCh/o2HVgf5VhuPv23c/3SQrzbxVCqj8FxdgTIZjyHNtieg+8iyAHD8G1vCelN0XRcH13XR7Xah6wYMw8TEtsE5B/M8MA4BjwOOy2AYBhhj8Mi3BIWcogfGMBgMBIiczPO4IF1gXphiiCzkmyNEONR1qKoK6joqmHPAZQymaYocuq8lpIrD4RD9fh+mZUUTisKuiDMNE1ZEXIiQAijYcRy/g0AXckSahCbQtIHQUv4neQghQiKybRuz2UzAnk79s+MIv0z2x+WLQkGENKQt93pdoSOBxlfVvliCNCKhIpJ45dkECTVNE98okwRyy9FLC4xMF3p/NLKUQOjCfcgEKjgajeb6rhL+AZMgb3MEIvcRAAAAAElFTkSuQmCC')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Prometheus\",\n \"title\": \"Prometheus\",\n \"src\": \"/docs-2026.5.1/static/7bece3ea03bb0ad9fe002df3e130a114/e3189/1-rpm-with-internet-03-Prometheus.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/7bece3ea03bb0ad9fe002df3e130a114/a2ead/1-rpm-with-internet-03-Prometheus.png 259w\", \"/docs-2026.5.1/static/7bece3ea03bb0ad9fe002df3e130a114/6b9fd/1-rpm-with-internet-03-Prometheus.png 518w\", \"/docs-2026.5.1/static/7bece3ea03bb0ad9fe002df3e130a114/e3189/1-rpm-with-internet-03-Prometheus.png 1035w\", \"/docs-2026.5.1/static/7bece3ea03bb0ad9fe002df3e130a114/9de76/1-rpm-with-internet-03-Prometheus.png 1423w\"],\n \"sizes\": \"(max-width: 1035px) 100vw, 1035px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"h3\", null, \"For node exporter metrics access\"), mdx(\"p\", null, \"Use the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"http://:9100/metrics\"), \" URL for the access.\"), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"1035px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/72a2878075ffcbfdc4606fafa20e6331/8f5d7/1-rpm-with-internet-04-Node-exporter.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"54.826254826254825%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAALCAYAAAB/Ca1DAAAACXBIWXMAABYlAAAWJQFJUiTwAAABs0lEQVQoz52RW4+iQBCF+f/xRWO8Jf4gZbkNDToMiIljxHjh0sB47bOpmsA62YdNtpMvXVU0p09Va51OB4PBgBkOBxiNRphOp+j3++h2u+j1ej94rdE/dH44HGI8HmMymUBzXReLxQKe58P3fIRhiDiOIaXE/yxtNpvB8zx4woPjOFgu3xHHq1ZQKdXyfD5/xI/H4y+0+XwOwzBgmRaCIMB2u8XhcMA+SfD5ucX5fEZd13xBWZYcV1XFUK2pE9frFZppmPil69B1HYvlEmEYseh+v8dms8Fut0Oe5yhLiaIoWgESpD3LsrZOaKZpgOYYvAdYr9fM8Xjkw3SA2vjXeh2LRs5s24bv+0iShEXSNGVX9/sdt9uNeY0Jau9yuXD9VVizTBOeEPzSJBpFEYuSILVCe9Mm5YX8rjFZxt++vv4Ik0NlGoZybFsJIZRlmcp1XSVlqaSUKs9zpigKJWXBNYrzouA9yzKVpqmq61qRSW7ZsiyeoxACb84bz5GGTS9M7RMU02zJGeWn04mhnNpvZq15QqgwDFUURWq1WqmPj5Bvq6qK3RBNTI7oW1mWbU57447Wby+lKoDu+tWXAAAAAElFTkSuQmCC')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Node exporter access\",\n \"title\": \"Node exporter access\",\n \"src\": \"/docs-2026.5.1/static/72a2878075ffcbfdc4606fafa20e6331/e3189/1-rpm-with-internet-04-Node-exporter.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/72a2878075ffcbfdc4606fafa20e6331/a2ead/1-rpm-with-internet-04-Node-exporter.png 259w\", \"/docs-2026.5.1/static/72a2878075ffcbfdc4606fafa20e6331/6b9fd/1-rpm-with-internet-04-Node-exporter.png 518w\", \"/docs-2026.5.1/static/72a2878075ffcbfdc4606fafa20e6331/e3189/1-rpm-with-internet-04-Node-exporter.png 1035w\", \"/docs-2026.5.1/static/72a2878075ffcbfdc4606fafa20e6331/8f5d7/1-rpm-with-internet-04-Node-exporter.png 1475w\"],\n \"sizes\": \"(max-width: 1035px) 100vw, 1035px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"h1\", null, \"Post installation information\"), mdx(\"h3\", null, \"Using the OpenIAM command line utility\"), mdx(\"p\", null, \"OpenIAM provides a command line utility to help you view the status of all components as well as perform common operations such as view logs, start, stop, etc. The command is \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"openiam-cli\"), \".\"), mdx(\"p\", null, \"Just running the command by itself, as shown below, will display the list of all options.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"openiam-cli\\n\")), mdx(\"p\", null, \"Output\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"Usage: /usr/bin/openiam-cli {start|stop|status|init|log|log |list-connectors|list-source-adapters}\\n\")), mdx(\"h4\", null, \"Check status\"), mdx(\"p\", null, \"To check the status of the components or to confirm that the system is up, please use the following command:\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"openiam-cli status\\n\")), mdx(\"h4\", null, \"Check service logs\"), mdx(\"p\", null, \"To check current logs of any service you can use the following command. You can get the services using the following command: \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"openiam-cli log \"), \".\"), mdx(\"p\", null, \"For example, to check the logs of the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"openiam-esb\"), \" module use the following command.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"openiam-cli log openiam-esb\\n\")), mdx(\"h4\", null, \"Start and stop\"), mdx(\"p\", null, \"You can start and stop OpenIAM using the command line as well. To stop OpenIAM using the following command:\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"openiam-cli stop\\n\")), mdx(\"p\", null, \"You can check that the services have stopped by using the status command shown above.\"), mdx(\"p\", null, \"You can start the application using the following command.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"openiam-cli start\\n\")), mdx(\"h4\", null, \"Checking the health of the application\"), mdx(\"p\", null, \"Health checks can be used by your monitoring systems to verify the status of OpenIAM.\"), mdx(\"p\", null, \"Use the following URL to validate ESB.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"curl http://localhost:9080/openiam-esb/actuator/health\\n\")), mdx(\"p\", null, \"Use the following URL to validate the UI.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"curl -k http://localhost:9080/idp/actuator/health\\n\")), mdx(\"h1\", null, \"Core services and Default Memory configuration\"), mdx(\"table\", null, mdx(\"thead\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"thead\"\n }, mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Name\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Description\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": null\n }, \"Default Memory (RAM)\"))), mdx(\"tbody\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"openiam-esb\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"The service that provides Web Service API and to the bigger part of functionality\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"2048m\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"workflow\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"The service that provides Business Workflow functionality\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"768m\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"groovy-manager\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"The service that provides Groovy extension functionality\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"256m\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"idm\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"The service that provides provisioning to target systems functionality\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"512m\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"reconciliation\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"The service that provides reconciliation against target systems functionality\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"512m\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"email-manager\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"The service that provides Sending and Receiving email functionality\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"256m\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"auth-manager\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"The service that provides Authorization functionality\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"1024m\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"device-manager\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"The service that provides Device management functionality (IOS and Android)\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"256m\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"business-rule-manager\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"The service that provides Business Rules functionality\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"512m\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"openiam-ui\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"This provides the OpenIAM UI running on an Apache Tomcat server\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"2048m\")))), mdx(\"h1\", null, \"Troubleshooting\"), mdx(\"p\", null, \"It is possible to receive a timeout error during the installation of OpenSearch during initialization. This issue can be rectified by setting the SELinux mode to \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"Permissive\"), \". Please refer to Red Hat's documentation for \", mdx(\"a\", {\n parentName: \"p\",\n \"href\": \"https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/using_selinux/changing-selinux-states-and-modes_using-selinux\"\n }, \"Changing SELinux states and modes\"), \".\"), mdx(\"p\", null, \"In case there is a need for VM reboot or restarting an application, make sure to shut down OpenIAM with \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"openiam-cli stop\"), \" command, as shown above. Otherwise, the vault may seal, and the application may fail to start.\"));\n}\n;\nMDXContent.isMDXComponent = true;","tableOfContents":{"items":[{"items":[{"url":"#installation-with-internet-access","title":"Installation with Internet access","items":[{"url":"#defining-database-and-infrastructure-components-credentials","title":"Defining database and infrastructure components credentials"},{"url":"#message-broker-password","title":"Message broker password"},{"url":"#memory-cache-password","title":"Memory cache password"},{"url":"#opensearch-credentials","title":"OpenSearch credentials"},{"url":"#cassandra","title":"Cassandra"},{"url":"#initialize-database-schema","title":"Initialize Database Schema"},{"url":"#install-reverse-proxy","title":"Install reverse proxy"},{"url":"#install-prometheus-and-grafana-stack-for-monitoring","title":"Install Prometheus and Grafana stack for monitoring"},{"url":"#check-the-startup-process","title":"Check the startup process"},{"url":"#monitor-the-startup-process","title":"Monitor the startup process"},{"url":"#validate-the-startup","title":"Validate the startup"}]}]},{"url":"#first-time-login","title":"First time login","items":[{"url":"#grafana-and-prometheus-access","title":"Grafana and Prometheus access","items":[{"url":"#for-grafana-access-from-outside-using-public-ip","title":"For Grafana access from outside using public IP"},{"url":"#for-external-prometheus-access","title":"For external Prometheus access"},{"url":"#for-node-exporter-metrics-access","title":"For node exporter metrics access"}]}]},{"url":"#post-installation-information","title":"Post installation information","items":[{"items":[{"url":"#using-the-openiam-command-line-utility","title":"Using the OpenIAM command line utility","items":[{"url":"#check-status","title":"Check status"},{"url":"#check-service-logs","title":"Check service logs"},{"url":"#start-and-stop","title":"Start and stop"},{"url":"#checking-the-health-of-the-application","title":"Checking the health of the application"}]}]}]},{"url":"#core-services-and-default-memory-configuration","title":"Core services and Default Memory configuration"},{"url":"#troubleshooting","title":"Troubleshooting"}]},"parent":{"relativePath":"installation/1-rpm-installation/1-singlenode/1-rpm-with-internet.md"},"frontmatter":{"metaTitle":"Installation with Internet access via RPM on Linux","metaDescription":"This page describes how to install OpenIAM via an RPM on Linux"}},"allMdx":{"edges":[{"node":{"fields":{"slug":"/admin","title":"Administration guide"}}},{"node":{"fields":{"slug":"/appendix","title":"Appendix"}}},{"node":{"fields":{"slug":"/changelog","title":"Change log"}}},{"node":{"fields":{"slug":"/connectorconfig","title":"IdM Connectors"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice","title":"End user guide for SelfService portal"}}},{"node":{"fields":{"slug":"/ssocatalog","title":"SSO Catalog"}}},{"node":{"fields":{"slug":"/getting-started","title":"Getting Started"}}},{"node":{"fields":{"slug":"/troubleshooting","title":"FAQ / Troubleshooting"}}},{"node":{"fields":{"slug":"/developerguide","title":"Developer Guide"}}},{"node":{"fields":{"slug":"/whatsnew","title":"What's new in OpenIAM"}}},{"node":{"fields":{"slug":"/installation","title":"Installing OpenIAM"}}},{"node":{"fields":{"slug":"/admin/0-login","title":"Logging in to the admin portal"}}},{"node":{"fields":{"slug":"/admin/1-exportimport","title":"Import / Export"}}},{"node":{"fields":{"slug":"/","title":"Welcome to the OpenIAM Documentation"}}},{"node":{"fields":{"slug":"/admin/1-usradmin","title":"User administration"}}},{"node":{"fields":{"slug":"/admin/10-consent-management","title":"Consent management"}}},{"node":{"fields":{"slug":"/admin/10-password","title":"Password policy"}}},{"node":{"fields":{"slug":"/admin/12-administration","title":"Administration"}}},{"node":{"fields":{"slug":"/admin/13-selfregistration","title":"Self-registration"}}},{"node":{"fields":{"slug":"/admin/15-audit","title":"Audit"}}},{"node":{"fields":{"slug":"/admin/14-Help.Desk.User.Profile.Protection","title":"HelpDesk profile protection"}}},{"node":{"fields":{"slug":"/admin/18-services-passwd-change-k8","title":"Password update for OpenIAM services in Kubernetes"}}},{"node":{"fields":{"slug":"/admin/2-authentication","title":"Authentication"}}},{"node":{"fields":{"slug":"/admin/20-virtual-tentant-by-org","title":"Enabling a virtual tenant by organization"}}},{"node":{"fields":{"slug":"/admin/21-graph-rebuild","title":"Rebuilding OpenIAM's in-memory authorization graph"}}},{"node":{"fields":{"slug":"/admin/3-authz","title":"Managing access"}}},{"node":{"fields":{"slug":"/admin/22-token-session-util","title":"Session management utility for RPM"}}},{"node":{"fields":{"slug":"/admin/4-app-onboarding","title":"Application onboarding"}}},{"node":{"fields":{"slug":"/admin/16-admin-pswd-change","title":"Password reset for administrator's account"}}},{"node":{"fields":{"slug":"/admin/19-reports","title":"OpenIAM report services"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov","title":"Requests / Approval"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle","title":"Automated provisioning"}}},{"node":{"fields":{"slug":"/admin/8-sso","title":"Federation / SSO to applications"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy","title":"Access gateway"}}},{"node":{"fields":{"slug":"/appendix/1-self-signedcert","title":"Generate Self-signed Cert"}}},{"node":{"fields":{"slug":"/admin/7-access-cert","title":"User access review"}}},{"node":{"fields":{"slug":"/appendix/2-openssl","title":"Install OpenSSL"}}},{"node":{"fields":{"slug":"/appendix/4-prepforprod","title":"Prepare for Production"}}},{"node":{"fields":{"slug":"/changelog/12-Release-4.2.1.6","title":"Release 4.2.1.6"}}},{"node":{"fields":{"slug":"/changelog/13-Release-4.2.1.7","title":"Release 4.2.1.7"}}},{"node":{"fields":{"slug":"/changelog/14-Release-4.2.1.8","title":"Release 4.2.1.8"}}},{"node":{"fields":{"slug":"/changelog/11-Release-4.2.1.5","title":"Release 4.2.1.5"}}},{"node":{"fields":{"slug":"/changelog/15-Release-4.2.1.9","title":"Release 4.2.1.9"}}},{"node":{"fields":{"slug":"/appendix/3-installopenldap","title":"Install OpenLDAP on Ubuntu"}}},{"node":{"fields":{"slug":"/changelog/18-Release-4.2.1.12","title":"Release 4.2.1.12"}}},{"node":{"fields":{"slug":"/changelog/16-Release-4.2.1.10","title":"Release 4.2.1.10"}}},{"node":{"fields":{"slug":"/changelog/17-Release-4.2.1.11","title":"Release 4.2.1.11"}}},{"node":{"fields":{"slug":"/changelog/20-Release-4.2.1.14","title":"Release 4.2.1.14"}}},{"node":{"fields":{"slug":"/changelog/21-Release-4.2.1.15","title":"Release 4.2.1.15"}}},{"node":{"fields":{"slug":"/changelog/22-v2026.1.1","title":"Changelog for v2026.1.1"}}},{"node":{"fields":{"slug":"/connectorconfig/2-configparam","title":"Connector parameters"}}},{"node":{"fields":{"slug":"/connectorconfig/4-troubleshootingconnector","title":"Provisioning operations troubleshooting"}}},{"node":{"fields":{"slug":"/connectorconfig/JDBC","title":"JDBC connector"}}},{"node":{"fields":{"slug":"/connectorconfig/LDAP","title":"LDAP connector"}}},{"node":{"fields":{"slug":"/connectorconfig/SAPUME","title":"SAP UME connector"}}},{"node":{"fields":{"slug":"/connectorconfig/adp","title":"ADP connector"}}},{"node":{"fields":{"slug":"/connectorconfig/aerospike","title":"Aerospike connector"}}},{"node":{"fields":{"slug":"/changelog/19-Release-4.2.1.13","title":"Release 4.2.1.13"}}},{"node":{"fields":{"slug":"/connectorconfig/linux","title":"Linux connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft","title":"Microsoft Application Connectors"}}},{"node":{"fields":{"slug":"/connectorconfig/aws","title":"AWS connector"}}},{"node":{"fields":{"slug":"/connectorconfig/oracle","title":"Oracle RDBMS connector"}}},{"node":{"fields":{"slug":"/connectorconfig/oracleebs","title":"Oracle EBS connector"}}},{"node":{"fields":{"slug":"/connectorconfig/postgresql","title":"PostgreSQL connector"}}},{"node":{"fields":{"slug":"/connectorconfig/rexx","title":"Rexx connector"}}},{"node":{"fields":{"slug":"/connectorconfig/gsuite","title":"GSuite connector"}}},{"node":{"fields":{"slug":"/connectorconfig/scim","title":"SCIM connector"}}},{"node":{"fields":{"slug":"/connectorconfig/sap","title":"SAP S/4 Hana connector"}}},{"node":{"fields":{"slug":"/connectorconfig/scriptConnector","title":"Groovy Script connector"}}},{"node":{"fields":{"slug":"/connectorconfig/tableau","title":"Tableau connector"}}},{"node":{"fields":{"slug":"/developerguide/10-OpenIAM-opensource-rep","title":"OpenIAM open source repository"}}},{"node":{"fields":{"slug":"/connectorconfig/workday","title":"Workday connector"}}},{"node":{"fields":{"slug":"/developerguide/1-custom-css","title":"Customizing branding"}}},{"node":{"fields":{"slug":"/developerguide/3-whitelisting","title":"Whitelisting packages"}}},{"node":{"fields":{"slug":"/developerguide/4-scheduledtasks","title":"Batch/Scheduled tasks"}}},{"node":{"fields":{"slug":"/connectorconfig/freeIPA","title":"FreeIPA connector"}}},{"node":{"fields":{"slug":"/developerguide/5-datamodel","title":"Data model"}}},{"node":{"fields":{"slug":"/developerguide/2-api","title":"RESTful API"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization","title":"Synchronization Scripts"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/1-login","title":"Logging in to SelfService portal"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice","title":"Operations via SelfService portal"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/7-useraccess","title":"User access rights"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest","title":"Request management"}}},{"node":{"fields":{"slug":"/getting-started/1-what_is_openiam","title":"What is OpenIAM?"}}},{"node":{"fields":{"slug":"/getting-started/2-productarchitecture","title":"Platform architecture"}}},{"node":{"fields":{"slug":"/getting-started/3-install_openiam","title":"Installing OpenIAM"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/6-singlesignon","title":"Single sign-on"}}},{"node":{"fields":{"slug":"/getting-started/21-concepts","title":"Concepts"}}},{"node":{"fields":{"slug":"/getting-started/5-connecting","title":"Connecting to an authoritative source"}}},{"node":{"fields":{"slug":"/developerguide/6-ide","title":"Script development using an IDE"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding","title":"Application onboarding"}}},{"node":{"fields":{"slug":"/getting-started/7-selfservice-pswd","title":"SelfService password reset"}}},{"node":{"fields":{"slug":"/getting-started/31-planning-workforce","title":"Discovery questions"}}},{"node":{"fields":{"slug":"/getting-started/9-openiam-as-IdP","title":"Integrating OpenIAM as your IdP"}}},{"node":{"fields":{"slug":"/getting-started/8-openiam-with-IdP","title":"Integrating OpenIAM with your IdP"}}},{"node":{"fields":{"slug":"/getting-started/99-multifactor-authentication","title":"Configuring multi-factor authentication"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning","title":"Automated user provisioning"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation","title":"Deploying via RPM on Linux"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation","title":"Deploying to Kubernetes"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation","title":"Deploying on OpenShift"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation","title":"Deploying via Docker"}}},{"node":{"fields":{"slug":"/installation/8-sizing","title":"Sizing recommendations"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous","title":"Miscellaneous related articles"}}},{"node":{"fields":{"slug":"/ssocatalog/AWS","title":"AWS SSO"}}},{"node":{"fields":{"slug":"/ssocatalog/Gsuite","title":"GSuite SSO"}}},{"node":{"fields":{"slug":"/ssocatalog/Freshdesk","title":"Freshdesk SSO"}}},{"node":{"fields":{"slug":"/installation/9-data_migration","title":"OpenIAM data migration"}}},{"node":{"fields":{"slug":"/ssocatalog/Azure","title":"Azure SSO"}}},{"node":{"fields":{"slug":"/ssocatalog/Office365","title":"Office365 SSO"}}},{"node":{"fields":{"slug":"/ssocatalog/Salesforce","title":"Salesforce.com"}}},{"node":{"fields":{"slug":"/ssocatalog/okta","title":"Okta SSO"}}},{"node":{"fields":{"slug":"/troubleshooting/cluster","title":"Cluster"}}},{"node":{"fields":{"slug":"/troubleshooting/connectors","title":"Connectors"}}},{"node":{"fields":{"slug":"/troubleshooting/docker","title":"Docker Swarm"}}},{"node":{"fields":{"slug":"/troubleshooting/environment","title":"Environment"}}},{"node":{"fields":{"slug":"/troubleshooting/operational","title":"Operational"}}},{"node":{"fields":{"slug":"/troubleshooting/rpm","title":"RPM"}}},{"node":{"fields":{"slug":"/whatsnew/10-v4218","title":"New in v4.2.1.8"}}},{"node":{"fields":{"slug":"/whatsnew/1-v420","title":"New in v4.2.0.0"}}},{"node":{"fields":{"slug":"/whatsnew/12-v42110","title":"New in v4.2.1.10"}}},{"node":{"fields":{"slug":"/whatsnew/11-v4219","title":"New in v4.2.1.9"}}},{"node":{"fields":{"slug":"/whatsnew/16-v42115","title":"New in v4.2.1.15"}}},{"node":{"fields":{"slug":"/troubleshooting/v3_update","title":"Update from V3.X to V4.X"}}},{"node":{"fields":{"slug":"/whatsnew/15-v42113","title":"New in v4.2.1.13"}}},{"node":{"fields":{"slug":"/whatsnew/16-v422","title":"New in v4.2.2"}}},{"node":{"fields":{"slug":"/whatsnew/17-v2026.1.1","title":"New in v2026.1.1"}}},{"node":{"fields":{"slug":"/whatsnew/18-v2026.2.1","title":"New in v2026.2.1"}}},{"node":{"fields":{"slug":"/whatsnew/18-v2026.3.1","title":"New in v2026.3.1"}}},{"node":{"fields":{"slug":"/whatsnew/19-v2026.3.2","title":"New in v2026.3.2"}}},{"node":{"fields":{"slug":"/whatsnew/20-v2026.4.1","title":"New in v2026.4.1"}}},{"node":{"fields":{"slug":"/whatsnew/21-v2026.4.2","title":"New in v2026.4.2"}}},{"node":{"fields":{"slug":"/whatsnew/7-v4215","title":"New in v4.2.1.5"}}},{"node":{"fields":{"slug":"/whatsnew/8-v4216","title":"New in v4.2.1.6"}}},{"node":{"fields":{"slug":"/whatsnew/13-v42111","title":"New in v4.2.1.11"}}},{"node":{"fields":{"slug":"/whatsnew/22-v2026.5.1","title":"New in v2026.5.1"}}},{"node":{"fields":{"slug":"/connectorconfig/salesforce","title":"Salesforce.com connector"}}},{"node":{"fields":{"slug":"/admin/17-services-manual-passwd-change","title":"Manual password update for OpenIAM services in RPM"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/10-bulkoperations","title":"Bulk operations"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/1-createuser","title":"Creating a user"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/11-bulkentitlements","title":"Bulk operations with entitlements"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/12-externaldelegation","title":"Organization level delegation"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/13-unlock-account","title":"Unlocking an account"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/14-add-remove-entitlements","title":"Adding/Removing entitlements"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/16-user-conversion","title":"User conversion"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/18-creating-new-dept-division","title":"Creating a new department or division"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/17-newhireworkflow","title":"New hire workflow configuration"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/2-usertypes","title":"Custom user types"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/15-rehireuserflow","title":"Rehire user flow"}}},{"node":{"fields":{"slug":"/whatsnew/14-v42112","title":"New in v4.2.1.12"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/6-relatedAccount","title":"Related accounts"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/5-finduser","title":"User search"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/8-serviceaccounts","title":"Service accounts"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/9-orphanmanagement","title":"Orphan management"}}},{"node":{"fields":{"slug":"/whatsnew/9-v4217","title":"New in v4.2.1.7"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/7-customfields","title":"Custom fields"}}},{"node":{"fields":{"slug":"/admin/10-password/1-pswd-compromised","title":"Password breach detection"}}},{"node":{"fields":{"slug":"/admin/12-administration/3-squence-generator","title":"Sequence generators"}}},{"node":{"fields":{"slug":"/admin/12-administration/5-links","title":"External links on login page"}}},{"node":{"fields":{"slug":"/admin/12-administration/6-languages","title":"Managing languages"}}},{"node":{"fields":{"slug":"/admin/12-administration/7-reconciliationhistory","title":"Reconciliation history"}}},{"node":{"fields":{"slug":"/admin/12-administration/8-aboutopenIAM-page","title":"About OpenIAM Page"}}},{"node":{"fields":{"slug":"/admin/12-administration/99-heartbeat","title":"Heartbeat links"}}},{"node":{"fields":{"slug":"/admin/12-administration/9-reindex_elasticsearch","title":"Reindex Opensearch"}}},{"node":{"fields":{"slug":"/admin/15-audit/2-audit-log-export-connector","title":"Audit log export connector"}}},{"node":{"fields":{"slug":"/admin/15-audit/1-audit-events-interpret","title":"Audit events interpretation"}}},{"node":{"fields":{"slug":"/admin/2-authentication/1-auth-overview","title":"Configuring authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/10-fidologin","title":"FIDO-2 authentication"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/3-adminoperations","title":"Administrative actions on a User"}}},{"node":{"fields":{"slug":"/admin/2-authentication/11-credentialprovider","title":"Credential provider"}}},{"node":{"fields":{"slug":"/admin/2-authentication/14-duo-auth","title":"Duo authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/13-criiptoauth","title":"Criipto authentication"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/4-pageconfiguration","title":"Configuring page templates"}}},{"node":{"fields":{"slug":"/admin/2-authentication/16-external-multiselect-auth","title":"External/multiselect authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/15-modernauth","title":"Microsoft Modern authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/2-auth-policy","title":"Authentication policy"}}},{"node":{"fields":{"slug":"/admin/2-authentication/21-dashboards","title":"Monitoring dashboards"}}},{"node":{"fields":{"slug":"/admin/2-authentication/2-delegatedauth","title":"Managed System authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/3-passwordauth","title":"Password-based authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/7-otp","title":"OTP over SMS or E-mail"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social","title":"Social authentication"}}},{"node":{"fields":{"slug":"/admin/3-authz/1-overview","title":"Introduction to access control"}}},{"node":{"fields":{"slug":"/admin/2-authentication/9-adaptiveauth","title":"Adaptive authentication"}}},{"node":{"fields":{"slug":"/admin/3-authz/10-accessright","title":"Access rights"}}},{"node":{"fields":{"slug":"/admin/3-authz/11-contentprovider","title":"Content provider"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus","title":"Menus"}}},{"node":{"fields":{"slug":"/admin/3-authz/3-conflict-groups","title":"Conflict Groups"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles","title":"Managing roles"}}},{"node":{"fields":{"slug":"/admin/3-authz/3-groups","title":"Managing groups"}}},{"node":{"fields":{"slug":"/admin/3-authz/4-types","title":"Metadata types"}}},{"node":{"fields":{"slug":"/admin/3-authz/5-resources","title":"Managing resources"}}},{"node":{"fields":{"slug":"/admin/3-authz/8-accesstossoapps","title":"Access to SSO applications"}}},{"node":{"fields":{"slug":"/admin/2-authentication/12-account-unlock","title":"Setting up account unlock"}}},{"node":{"fields":{"slug":"/admin/4-app-onboarding/1-Automated-applications","title":"Connected applications"}}},{"node":{"fields":{"slug":"/admin/4-app-onboarding/2-Manual-applications","title":"Manual applications"}}},{"node":{"fields":{"slug":"/admin/2-authentication/12-certificateauth","title":"Configuring certificate-based authentication"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/10-managedsystemsimulation","title":"Managed system simulation mode"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/12-LDAP-managedsys-config","title":"LDAP Managed system configuration"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/11-provisioning-config","title":"Configure Provisioning"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/2-incrementalsynch","title":"Incremental synchronization"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/1-synch","title":"Configuring synchronization"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/3-recon","title":"Configure reconciliation"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/4-birthright","title":"Birthright access"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/6-managedsystem-config","title":"Managed system configuration"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/5-recon-groovy","title":"Groovy Scripts for Reconciliation"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/9-importorganization","title":"Import Organizations"}}},{"node":{"fields":{"slug":"/admin/3-authz/9-approvalflow","title":"Configuring approval workflows"}}},{"node":{"fields":{"slug":"/admin/3-authz/6-organization","title":"Managing organizations"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/8-importentitlements","title":"Import entitlements"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/2-approval-flow","title":"Approval flow"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/4-post-request","title":"After request has been approved"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/5-approve-by-email","title":"Approving requests via Email"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/3-manualTasks","title":"Manual tasks"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/1-entitlmentcert","title":"Entitlement based certification"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/7-questionnaire","title":"Questionnaire"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/10-mitigation-controls","title":"Mitigation controls for SoD"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/2-risk-event-driven-cert","title":"Risk event driven certification"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/2-risk-factor-config","title":"Risk factors configuration"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/2-usercert","title":"User based review"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/3-certification-reporting","title":"Certification reporting"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/5-delete-campaign","title":"Deleting an access certification campaign"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/4-membership-tags","title":"Membership tags"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/6-campaign-database","title":"Access certification campaigns as database objects"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/1-application-category","title":"Application categories"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/8-multiple-reviwer-campaigns","title":"Multi-reviewer user access review campaigns"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/9-segregation-of-duties","title":"Segregation of Duties (SoD) policies"}}},{"node":{"fields":{"slug":"/admin/8-sso/1-saml","title":"Add SAML SP to OpenIAM"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/7-expiration-policy","title":"Expiration policy"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/1-formfill","title":"Form Fill"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/2-headerinj","title":"Header Injection"}}},{"node":{"fields":{"slug":"/admin/8-sso/5-auth_scopes","title":"OpenIAM oAuth scopes"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/3-urlrewriting","title":"URL Rewriting"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/6-example","title":"Examples"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/8-kerberos","title":"Setting up Kerberos via rProxy"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/7-rProxy-loadbalancer","title":"Reverse Proxy with Load Balancer"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/9-directive-reference","title":"mod_openiam Directive Reference"}}},{"node":{"fields":{"slug":"/admin/8-sso/2-oauth2","title":"oAuth 2.0"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/10-winlocal","title":"WinLocal OpenIAM connector"}}},{"node":{"fields":{"slug":"/admin/8-sso/3-oidc","title":"OpenID Connect"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/1-powershellconnectorinstallation","title":"Installing PowerShell connectors"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/12-dynamics365FO","title":"Dynamics365 Finance&Operations connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/12-WindowsPasswordFilter","title":"AD Password Filter"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/13-successfactors","title":"SuccessFactors connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/14-psgraph","title":"Microsoft Graph PowerShell connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/15-powershell-generic","title":"Building a custom PowerShell connector for OpenIAM"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management","title":"Mail management"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig","title":"System configuration"}}},{"node":{"fields":{"slug":"/admin/12-administration/4-otpconfig","title":"Configure OTP Provider"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/16-teams","title":"Microsoft Teams connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/3-powershellconnectorupdate","title":"Updating PowerShell connectors"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/5-azuread","title":"Entra ID/O365 connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/7-azuredevops","title":"Azure DevOps connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/8-dynamics365","title":"Dynamics365 connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/9-sqlserver","title":"Microsoft SQL Server connector"}}},{"node":{"fields":{"slug":"/connectorconfig/scriptConnector/connector-request-template","title":"OpenIAM connector request template"}}},{"node":{"fields":{"slug":"/developerguide/1-custom-css/1-customcss","title":"Creating custom CSS"}}},{"node":{"fields":{"slug":"/connectorconfig/scriptConnector/GroovyScriptConnector","title":"Configuring Groovy Script connector"}}},{"node":{"fields":{"slug":"/developerguide/1-custom-css/2-cssexamples","title":"CSS file examples"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/6-exchange","title":"Exchange connector"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman","title":"Getting started with Postman"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/2-powershellconnectorsusage","title":"Using PowerShell connectors"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python","title":"Getting started with Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java","title":"Getting started with Java"}}},{"node":{"fields":{"slug":"/developerguide/4-sheduledtasks/2-access-certification-reminder","title":"Notification reminders for approvers"}}},{"node":{"fields":{"slug":"/developerguide/5-datamodel/1-usermodel","title":"User data model"}}},{"node":{"fields":{"slug":"/developerguide/5-datamodel/2-rbacmodel","title":"Access control model"}}},{"node":{"fields":{"slug":"/developerguide/8-api/approver-association","title":"/webconsole - approver-association"}}},{"node":{"fields":{"slug":"/developerguide/8-api/access-right","title":"/webconsole - access-right"}}},{"node":{"fields":{"slug":"/developerguide/8-api/audit-log","title":"/webconsole - audit-log"}}},{"node":{"fields":{"slug":"/developerguide/8-api/auth-provider","title":"/webconsole - auth-provider"}}},{"node":{"fields":{"slug":"/developerguide/8-api/authentication-grouping","title":"/webconsole - authentication-grouping"}}},{"node":{"fields":{"slug":"/developerguide/8-api/challenge-response","title":"/webconsole - challenge-response"}}},{"node":{"fields":{"slug":"/developerguide/8-api/batch","title":"/webconsole - batch"}}},{"node":{"fields":{"slug":"/developerguide/8-api/connector","title":"/webconsole - connector"}}},{"node":{"fields":{"slug":"/developerguide/8-api/content-provider","title":"/webconsole - content-provider"}}},{"node":{"fields":{"slug":"/developerguide/8-api/email","title":"/webconsole - email"}}},{"node":{"fields":{"slug":"/developerguide/8-api/elastic-search","title":"/webconsole - elastic-search"}}},{"node":{"fields":{"slug":"/developerguide/8-api/field","title":"/webconsole - field"}}},{"node":{"fields":{"slug":"/developerguide/8-api/groovy-manager","title":"/webconsole - groovy-manager"}}},{"node":{"fields":{"slug":"/developerguide/8-api/group","title":"/webconsole - group"}}},{"node":{"fields":{"slug":"/developerguide/8-api/idp-oauth","title":"/idp - idp-oauth"}}},{"node":{"fields":{"slug":"/developerguide/4-sheduledtasks/1-provision-on-date","title":"Provision/Deprovision on date"}}},{"node":{"fields":{"slug":"/developerguide/8-api/managed-system","title":"/webconsole - managed-system"}}},{"node":{"fields":{"slug":"/developerguide/8-api/menu","title":"/webconsole - menu"}}},{"node":{"fields":{"slug":"/developerguide/8-api/metadata","title":"/webconsole - metadata"}}},{"node":{"fields":{"slug":"/whatsnew/20-v2026.3.3","title":"New in 2026.3.3"}}},{"node":{"fields":{"slug":"/developerguide/8-api/oauth","title":"/webconsole - oauth"}}},{"node":{"fields":{"slug":"/developerguide/8-api/it-policy","title":"/webconsole - it-policy"}}},{"node":{"fields":{"slug":"/developerguide/8-api/organization-type","title":"/webconsole - organization-type"}}},{"node":{"fields":{"slug":"/developerguide/8-api/idp-rest","title":"/idp - idp-rest"}}},{"node":{"fields":{"slug":"/developerguide/8-api/page-template","title":"/webconsole - page-template"}}},{"node":{"fields":{"slug":"/developerguide/8-api/organization","title":"/webconsole - organization"}}},{"node":{"fields":{"slug":"/developerguide/8-api/property-value","title":"/webconsole - property-value"}}},{"node":{"fields":{"slug":"/developerguide/8-api/report","title":"/webconsole - report"}}},{"node":{"fields":{"slug":"/developerguide/8-api/policy","title":"/webconsole - policy"}}},{"node":{"fields":{"slug":"/developerguide/8-api/resource-type","title":"/webconsole - resource-type"}}},{"node":{"fields":{"slug":"/developerguide/8-api/resource","title":"/webconsole - resource"}}},{"node":{"fields":{"slug":"/developerguide/8-api/role","title":"/webconsole - role"}}},{"node":{"fields":{"slug":"/developerguide/8-api/sync-config","title":"/webconsole - sync-config"}}},{"node":{"fields":{"slug":"/developerguide/8-api/ui-theme","title":"/webconsole - ui-theme"}}},{"node":{"fields":{"slug":"/developerguide/8-api/sync-rest","title":"/webconsole - sync-rest"}}},{"node":{"fields":{"slug":"/developerguide/8-api/system","title":"/webconsole - system"}}},{"node":{"fields":{"slug":"/developerguide/8-api/uri-pattern","title":"/webconsole - uri-pattern"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/1-autoprov","title":"Automated provisioning Scripts"}}},{"node":{"fields":{"slug":"/developerguide/8-api/user","title":"/webconsole - user"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import","title":"Import from application"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/3-importing_groups","title":"Importing groups from application"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/1-forgotpassword","title":"Forgot password"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/3-changepassword","title":"Updating your password"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/4-outofoffice","title":"Out of office assistant"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/2-updateprofile","title":"Updating user profile"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/4-relations-with-manager","title":"Populating a manager"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/5-forgotusername","title":"Forgot username"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/6-updatesecquestions","title":"Updating security questions"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/1-servicecatalog","title":"Requesting access via catalog"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/10-positionchange","title":"Position change request"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/11-accessprofiles","title":"Access profiles"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/12-bulkupload","title":"Uploading users in bulk"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/5-approverequest","title":"Approving requests"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/2-jobprofile","title":"Requesting access from profile"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/6-requestadministration","title":"Request administration"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/7-requesthistory","title":"Requests history"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/9-newuser","title":"Creating a new user"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/7-useraccess/1-viewmyaccess","title":"View my access"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/8-newgroup","title":"Creating a group request"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/7-useraccess/2-directreports","title":"View direct reports"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/7-useraccess/3-UAR-in-Self-Service","title":"User access review module in SelfService"}}},{"node":{"fields":{"slug":"/getting-started/31-planning-workforce/1-designrole","title":"Designing business roles"}}},{"node":{"fields":{"slug":"/getting-started/31-planning-workforce/2-openiam-access-role","title":"Designing access roles"}}},{"node":{"fields":{"slug":"/getting-started/31-planning-workforce/3-connector-planning","title":"Connector requirements"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/1-connect","title":"Deploying and registering connectors"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements","title":"Importing entitlements"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements","title":"Importing users and their entitlement memberships"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/1-jml","title":"Joiners, movers, leavers processes"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial","title":"Automated provisioning tutorial"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/1-singlenode","title":"Single VM Install"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/10-ha-rpm","title":"High availability (HA) deployment using RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/11-configuration-options","title":"Configuration options in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/2-rproxy","title":"r-Proxy installation in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/12-migrating-onpremises-to-cloud","title":"Migrating OpenIAM from on-premises installation to a cloud-based infrastructure"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/5-ports","title":"Deployment architecture in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/4-backup","title":"RPM backup / recovery"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading","title":"Upgrading OpenIAM in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/7-remoteDB","title":"Installing OpenIAM with a remote database in RPM environment"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/8-ssl","title":"Configuring HTTPS in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-migrating-non-production-to-production-environment","title":"Migrating non-production to production environment in RPM"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/1-https","title":"Configuring HTTPS on Docker"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/9-rabbitssl","title":"Enable TLS for RabbitMQ in RPM"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading","title":"Upgrading OpenIAM in Docker environment"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/4-YAML-files","title":"Docker YAML files"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/5-docker-swarm-backup","title":"Backup / restore in Docker Swarm"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/2-Configuration-options","title":"Configuration options in Docker"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/6-externalDB","title":"Installing OpenIAM with a remote database in Docker"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/1-ssl","title":"Configuring HTTPS in Kubernetes"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/10-backup-and-restoration","title":"Backup and restoration procedure in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/11-common-scenario","title":"Installing OpenIAM in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/12-vault-migration-fromRPM-toK8","title":"Migration of Vault from RPM-based cluster to Kubernetes-based OpenIAM cluster"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/2-deployment-with-terraform","title":"Deploying OpenIAM with Terraform"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/3-depl-without-terraform","title":"Deploying OpenIAM on Kubernetes using Helm"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/4-RabbitMQ-TLS","title":"RabbitMQ TLS directory in Kubernetes"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading","title":"Upgrading OpenIAM in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/7-useal-keys-restoration","title":"Backing up and restoring the vault unseal keys in Kubernetes"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms","title":"Kubernetes Platforms"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/9-remoteDB","title":"Installing OpenIAM with a remote database in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/1-create-cluster","title":"Creating an OpenShift cluster on Azure"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/8-AKS_with_ext_MSSQL","title":"Deploying OpenIAM on AKS (Kubernetes) with an external MSSQL database"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/2-connect-to-cluster","title":"Connect to OpenShift cluster on Azure"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/4-some-descriptions-helm","title":"Memory requirements for OpenShift deployment with Helm"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/5-localhost-dev-cluster","title":"Localhost development cluster"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/6-deploy-from-windows","title":"Deploy OpenIAM to OpenShift cluster with Helm (from Windows)"}}},{"node":{"fields":{"slug":"/installation/8-sizing/2-medium-k8","title":"Medium Enterprise - K8"}}},{"node":{"fields":{"slug":"/installation/8-sizing/1-small-k8","title":"Small Enterprise - K8"}}},{"node":{"fields":{"slug":"/installation/9-data_migration/1-migrating_ES_Docker","title":"Verifying and migrating Elasticsearch data in Docker-based OpenIAM cluster"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/01-log4j","title":"Log4j Vulnerability"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/02-hardening","title":"Securing your installation"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/03-db-switch","title":"Change OpenIAM product database"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/04-compatibility","title":"Compatibility matrix"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/05-postgres-install","title":"Installing PostgreSQL 15"}}},{"node":{"fields":{"slug":"/installation/99-miscellaneous/04-compatibility","title":"Compatibility Matrix"}}},{"node":{"fields":{"slug":"/developerguide/8-api/access-certification","title":"/webconsole - access-certification"}}},{"node":{"fields":{"slug":"/troubleshooting/cluster/1-rabbitmq-reinit","title":"RabbitMQ cluster went out of order"}}},{"node":{"fields":{"slug":"/troubleshooting/cluster/3-Rabbitmq-connection-timeout","title":"RabbitMQ connection timeout issue"}}},{"node":{"fields":{"slug":"/troubleshooting/cluster/2-rabbitmq-UI","title":"RabbitMQ is not reached from UI in RPM installations"}}},{"node":{"fields":{"slug":"/troubleshooting/connectors/sync-vs-async-source","title":"Synchronous vs. asynchronous synchronization source for connectors"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/3-deploy-OpenIAM-helm","title":"Deploy OpenIAM to OpenShift cluster with Helm"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/1-connectorlogs","title":"View container logs"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/2-containersrestart","title":"Containers Restarting"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/3-uninstall","title":"Remove an OpenIAM Docker Install"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/4-troubleshooting-steps","title":"Troubleshooting steps in a container-based cluster"}}},{"node":{"fields":{"slug":"/troubleshooting/environment/memoryutili","title":"Check memory utilization"}}},{"node":{"fields":{"slug":"/troubleshooting/environment/redismemory","title":"Redis memory utilization"}}},{"node":{"fields":{"slug":"/troubleshooting/environment/disableswap","title":"Disable swap"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/JDBC-connection-pool","title":"Increasing the JDBC connection pool size"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/5-log-checking-guide","title":"Docker log checking guide"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/access-after-migration","title":"Access problem after migrating OpenIAM"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/access-forbidden","title":"Access Forbidden error"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/activationlink","title":"Error when sending activation link"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/audit-doc-timestamp","title":"Audit document timestamp issue"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/auth-manager","title":"Backend exception error when running authentication manager"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/database-reset","title":"Database reset"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/debug-logs-CassandraJanusGraph","title":"Enabling and disabling debug logs for Cassandra and JanusGraph"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/elasticsearch-readonly-state","title":"Elasticsearch read-only state"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/flyway_version","title":"Flyway version issue"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/increasing-RAM","title":"Increasing memory for OpenIAM services"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/lackof_disk_space","title":"Running out of disk space"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/modifly_system_labels_and_messages","title":"Changing system labels and messages"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/my-application-page-selfservice","title":"Changing refresh time for My Applications page in SelfService"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/overriding-app-properties","title":"Overriding UI application properties"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/pad-block-corrupted","title":"PAD Block Corrupted"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/remove-navigation-bar","title":"Removing menu items from top navigation bar"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/report-generation-issue","title":"Error during report generating in RPM installations"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/resetting_passwords","title":"Resetting passwords"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/run_flyway_repair_mode","title":"Run Flyway in repair mode"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/unlocksysadmin","title":"Unlock sysadmin"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/username_in_selfservice","title":"Username not shown in SelfService"}}},{"node":{"fields":{"slug":"/troubleshooting/rpm/failed-dependencies","title":"Failed dependencies"}}},{"node":{"fields":{"slug":"/troubleshooting/rpm/trobleshooting_guide","title":"Troubleshooting guide for RPM"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/4-pageconfiguration/1-userpage","title":"Configuring user page templates"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/4-pageconfiguration/2-customuserpage","title":"Creating more custom user edit pages"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/4-pageconfiguration/4-customtemplates","title":"Custom form templates"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/1-system","title":"System tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/2-regex-validation","title":"Validation regular expressions"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/3-UI","title":"UI tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/5-organization-tab","title":"Organization tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/9-health-checks","title":"Configuring health checks for managed systems"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/4-workflow","title":"Workflow tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/7-authentication","title":"Authentication tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/8-auditeventstosyslog","title":"Exporting audit events to syslogs"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/1-emailtemplates","title":"Email templates"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/6-password","title":"Password tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/2-smtpconfig","title":"Mailbox Configuration"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/3-multilanguagemail","title":"Multilanguage emails"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/4-mail-via-azure","title":"Mailbox configuration via Azure application"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/5-alert-notifications","title":"Configuring alert notifications"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/6-email-template-variables","title":"Email template variables reference"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social/1-googlesociallogin","title":"Google Social Login"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social/2-facebooksociallogin","title":"Facebook Social Login"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social/3-linkedinsociallogin","title":"LinkedIn Social Login"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social/4-appleidsociallogin","title":"AppleID Social Login"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus/1-enduseraccess","title":"End-user access roles"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus/2-adminaccess","title":"Admin access role"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus/3-FAQ","title":"FAQs about menus and their use"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus/4-Config-Lhand-menu-SS-MyInfo","title":"Configurable left-hand menu in SelfService 'My Info' page"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles/2-createrole","title":"Create role"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles/1-role-types","title":"Types of roles existing in OpenIAM"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles/3-findrole","title":"Finding an existing role"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles/5-importingroles","title":"Importing roles"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/11-provisioning-config/1-prepost-processor","title":"Pre/PostProcessor"}}},{"node":{"fields":{"slug":"/admin/8-sso/1-saml/1-jit-provisioning","title":"Just-in-time Provisioning"}}},{"node":{"fields":{"slug":"/admin/3-authz/3-groups/1-create-group","title":"Creating a group"}}},{"node":{"fields":{"slug":"/admin/4-app-onboarding/2-Manual-applications/1-reg-applications","title":"Register applications"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/2-postmanconfig","title":"Create Postman collection"}}},{"node":{"fields":{"slug":"/admin/8-sso/2-oauth2/1-Auth-code-grand","title":"Authorization code grant type"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/3-add-request","title":"Define an API request in Postman"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/10-winlocal/2-winlocalv5","title":"Version 5"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/10-winlocal/1-winlocalv4","title":"Version 4"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/1-createauthprovider","title":"Create OpenIAM Provider for Postman"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/4-JWT-tokens","title":"Getting started with JWT tokens in Postman"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/5-postman-links","title":"Postman API documentation links"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/1-createauthprovider","title":"Create OpenIAM oAuth provider in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/6-example","title":"Client credentials flow with a defined scope in Postman"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/2-grantinguathz","title":"Granting authorization to the API with Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/4-enabling-disabling-user","title":"Enabling/Disabling a user with API calls examples in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/3-api-call-examples","title":"API calls examples in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/5-object-oriented-impl-example","title":"Object oriented implementation for REST API in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/6-OTP-verification","title":"OTP Verification in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/3-creating-searching-users","title":"Creating and searching a user with API call in Java"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/4-calls-examples","title":"API calls examples in Java"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/5-enabling-disabling-users","title":"Enabling/Disabling a user with API calls examples in Java"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/3-azuread","title":"Entra ID"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/1-autoprov/1-newhires","title":"New hires"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/6-importroles","title":"Import Roles"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/1-createauthprovider","title":"Create OpenIAM Provider"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/2-grantauthz","title":"Granting authorization to the API with Java"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/1-connect/2-rpm","title":"Connectors via RPM"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/1-connect/3-docker","title":" Connectors via Docker"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/1-configuring-synch","title":"Configuring synchronization for importing entitlements"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/1-connect/4-k8","title":" Connectors via Kubernetes"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/2-transformationscripts","title":"Transformation scripts"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/3-troubleshooting","title":"Troubleshooting"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/2-policymap","title":"Policy map"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/3-creatingrole","title":"Creating role"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/1-config-synch","title":"Configuring synchronization for importing users and their entitlement memberships"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/3-common-questions","title":"Common questions"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/4-birthright","title":"New hire"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/1-provisioningCSV","title":"Creating a synchronization configuration for the source"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/6-termination","title":"Terminations"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/5-transfer","title":"Transfer"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/5-ports/1-one-node","title":"Single node deployment"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/2-transformationscripts","title":"Transformation scripts"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/1-singlenode/3-nonroot-partition","title":"Installing OpenIAM on a non-root partition"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/5-ports/2-three-node","title":"Three node cluster"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/1-singlenode/1-rpm-with-internet","title":"Installation with Internet access"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/10-upgrading-2026-4-2","title":"Upgrading OpenIAM to v.2026.4.2 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/10-upgrading-2026-5-1","title":"Upgrading OpenIAM to v.2026.5.1 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/1-databasemigration","title":"Database migration from version 3.X to 4.X"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/3-upgradingto-42111","title":"Upgrading from versions 4.2.1.9-4.2.1.10 to version 4.2.1.11 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/1-singlenode/2-rpm-no-internet","title":"Installation without Internet access"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/2-upgradingto-42110","title":"Upgrading from version 4.2.1.5-4.2-4.2.1.8 to version 4.2.1.10 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/4-migrating-index-data","title":"Migration of index data from older ElasticSearch versions to newer one"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/4-upgradingto-42112","title":"Upgrading from versions 4.2.1.x to version 4.2.1.12 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/5-infrastructure_upgrade","title":"Infrastructure upgrade"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/7-upgradingto-422","title":"Upgrading OpenIAM from versions 4.2.1.x to 4.2.2 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/6-infra-upgrade-42113","title":"Infrastructure upgrade in v4.2.1.13"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/8-upgrading-2026-3-1","title":"Upgrading OpenIAM to v.2026.3.1 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/8-upgrading-2026-3-2","title":"Upgrading OpenIAM to v.2026.3.2 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/9-422-changes","title":"Known issues related to upgrading from 4.2.1.x to 2026.4.1 version"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/8-upgrading-2026-2-1","title":"Upgrading OpenIAM to v.2026.2.1 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/7-remoteDB/1-oracle","title":"Installing OpenIAM with a remote Oracle database in RPM environment"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/7-remoteDB/2-postgres","title":"Installing OpenIAM with a remote Postgres database in RPM environment"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/5-upgradingto-42115","title":"Upgrading from versions 4.2.1.x to version 4.2.1.15 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/7-remoteDB/3-MSSQL","title":"Installing OpenIAM with a remote MSSQL database in RPM environment"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading/1-upgrade-4219","title":"Upgrade from version 4.2.1.5-4.2.1.8 to version 4.2.1.10 in Docker"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading/2-upgrade-42110","title":"Upgrade from version 4.2.1.9 to version 4.2.1.10 in Docker"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading/3-upgrade-42111","title":"Upgrade from version 4.2.1.10 to version 4.2.1.11 in Docker"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading/4-upgrade-42115","title":"Upgrade from version 4.2.1.x to version 4.2.1.15 in Docker"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/3-upgrade-42113k8-rabbitmq","title":"Upgrading from version below 4.2.1.8 to version 4.2.1.13 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/4-upgrade-42115k8","title":"Upgrading from versions 4.2.1.x to version 4.2.1.15 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/6-upgrade-422k8","title":"Upgrading from version 4.2.1.x to version 4.2.2 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/5-upgrade-42112k8","title":"Upgrading from version 4.2.1.x to version 4.2.1.12 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms/1-gce","title":"GCE Kubernetes guide"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms/2-aws","title":"AWS Kubernetes guide"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms/3-helm","title":"Private Kubernetes Cluster using Helm"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms/4-azure","title":"Azure Kubernetes Guide"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/ldap/3-ldapattributeslists","title":"LDAP Attribute list for User Synchronization"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/ldap/1-ldapvalidation","title":"Synchronization Validation Script"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/ldap/2-ldapsynchusers","title":"LDAP User Synchronization Script"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/2-transformationscripts/1-ADgroup-transformation","title":"Sample transformation script for AD groups"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/2-transformationscripts/2-csv-transformation","title":"Sample transformation script for a CSV file"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/2-transformationscripts/4-csv-users-entitlements","title":"Sample transformation script for a CSV file"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/2-transformationscripts/3-ADtransformation-usergroup","title":"Sample transformation script for AD users and group memberships"}}},{"node":{"fields":{"slug":"/changelog/21-Release-4.2.2","title":"Release 4.2.2"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/4-adpowershell","title":"Active Directory PowerShell connector"}}},{"node":{"fields":{"slug":"/appendix/5-message_en_file","title":"Message properties"}}}]}},"pageContext":{"id":"8cb9c365-4043-54f1-bd64-d7526534bc48"}}, "staticQueryHashes": ["2619113677","3706406642","417421954"]}