{ "componentChunkName": "component---src-templates-docs-js", "path": "/installation/2-docker-installation", "result": {"data":{"site":{"siteMetadata":{"title":"OpenIAM Documentation v2026.5.1 | OpenIAM","docsLocation":""}},"mdx":{"fields":{"id":"0d42cf29-f18b-596d-b243-4a758d635b8b","title":"Deploying via Docker","slug":"/installation/2-docker-installation"},"body":"var _excluded = [\"components\"];\n\nfunction _extends() { _extends = Object.assign || function (target) { for (var i = 1; i < arguments.length; i++) { var source = arguments[i]; for (var key in source) { if (Object.prototype.hasOwnProperty.call(source, key)) { target[key] = source[key]; } } } return target; }; return _extends.apply(this, arguments); }\n\nfunction _objectWithoutProperties(source, excluded) { if (source == null) return {}; var target = _objectWithoutPropertiesLoose(source, excluded); var key, i; if (Object.getOwnPropertySymbols) { var sourceSymbolKeys = Object.getOwnPropertySymbols(source); for (i = 0; i < sourceSymbolKeys.length; i++) { key = sourceSymbolKeys[i]; if (excluded.indexOf(key) >= 0) continue; if (!Object.prototype.propertyIsEnumerable.call(source, key)) continue; target[key] = source[key]; } } return target; }\n\nfunction _objectWithoutPropertiesLoose(source, excluded) { if (source == null) return {}; var target = {}; var sourceKeys = Object.keys(source); var key, i; for (i = 0; i < sourceKeys.length; i++) { key = sourceKeys[i]; if (excluded.indexOf(key) >= 0) continue; target[key] = source[key]; } return target; }\n\n/* @jsxRuntime classic */\n\n/* @jsx mdx */\nvar _frontmatter = {\n \"title\": \"Deploying via Docker\",\n \"metaTitle\": \"Deploying via Docker\",\n \"metaDescription\": \"This page describes how to deploy OpenIAM in Docker\"\n};\nvar layoutProps = {\n _frontmatter: _frontmatter\n};\nvar MDXLayout = \"wrapper\";\nreturn function MDXContent(_ref) {\n var components = _ref.components,\n props = _objectWithoutProperties(_ref, _excluded);\n\n return mdx(MDXLayout, _extends({}, layoutProps, props, {\n components: components,\n mdxType: \"MDXLayout\"\n }), mdx(\"p\", null, \"This section describes how to deploy the OpenIAM platform in a \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Docker Swarm\"), \" environment. The procedures described in this section must be performed in the order that they are presented. Some steps in this installation require \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"root\"), \" level privileges to the system where OpenIAM will be deployed.\"), mdx(\"div\", {\n style: {\n \"border\": \"1px solid #169998\",\n \"marginTop\": \"15px\",\n \"marginBottom\": \"15px\",\n \"paddingTop\": \"10px\",\n \"paddingBottom\": \"10px\",\n \"paddingLeft\": \"5px\",\n \"paddingRight\": \"5px\"\n }\n }, mdx(\"span\", {\n style: {\n \"color\": \"#169998\",\n \"fontWeight\": \"bold\"\n }\n }, \"\\u26A0\\uFE0F Warning! \"), \"Due to limitations in Swarm's architecture, which is \", mdx(\"span\", {\n style: {\n \"fontWeight\": \"bold\"\n }\n }, \"NOT an HA deployment\"), \", it is \", mdx(\"span\", {\n style: {\n \"fontWeight\": \"bold\"\n }\n }, \" no longer meant for production use\"), \". Although we maintain this repository, and ensure that it properly works, we highly recommend using our \", mdx(\"a\", {\n href: \"6-kubernetes-installation\"\n }, \"Kuberentes deployment structure\"), \", being a true HA deployment and enabling horizontal scaling across N nodes.\"), mdx(\"h4\", null, \"What is Docker?\"), mdx(\"p\", null, \"Docker is a tool for creating, deploying, and running applications using containers. Docker Compose is a tool for defining and running multi-container Docker applications. Docker provides a standardized, lightweight, execution environment that maintains all dependencies within it. It can be run on either physical or virtualized environments which are on-premises or in the cloud. For more information about docker, please see the \", mdx(\"a\", {\n parentName: \"p\",\n \"href\": \"https://www.docker.com/\"\n }, \"Docker website\"), \" and \", mdx(\"a\", {\n parentName: \"p\",\n \"href\": \"https://docs.docker.com/\"\n }, \"Docker Documentation\"), \".\"), mdx(\"h1\", null, \"OpenIAM on Docker\"), mdx(\"p\", null, \"The OpenIAM Docker deployment method enables you to deploy on OpenIAM using a series of pre-configured containers in a short amount of time without the complexity of deploying a series of dependencies. The simplified deployment method requires the following.\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Installing the Docker software.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Configuring environment variables.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Running scripts for setting up and starting up the OpenIAM instance. Running the deployment scripts automatically takes care of all component dependencies and release updates.\")), mdx(\"p\", null, \"OpenIAM docker containers are maintained on OpenIAM Container Registry. Once these containers have been pulled into your environment using the details below, you will also need:\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Docker client. Docker Community Edition (CE) versions 19.03.12 or higher;\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Docker compose. Defines and enables the operation of a multi-container Docker application. OpenIAM uses \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"docker-compose\"), \" file format 3.2.\")), mdx(\"h1\", null, \"OpenIAM solution stacks\"), mdx(\"p\", null, \"The OpenIAM solution consists of several stacks that are deployable the Docker Swarm. Docker Swarm is a container orchestration tool, meaning that it allows managing multiple containers deployed across multiple host machines. The content of each stack is described below.\"), mdx(\"h2\", null, \"Critical infrastructure stacks\"), mdx(\"p\", null, \"The infrastructure stacks are used across the OpenIAM solution regardless of the functionality that you are enabling. These components must be operational for the OpenIAM solution to function correctly.\"), mdx(\"table\", null, mdx(\"thead\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"thead\"\n }, mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Stack Name\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Description\"))), mdx(\"tbody\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"OpenSearch\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Runs OpenSearch. OpenSearch is an enterprise-level search engine. OpenSearch uses an index-based search approach, which allows for fast searching. The architecture allows for scalability, flexibility, and multi-tenancy support\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Redis\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Runs Redis. Redis is an in-memory data structure store used as a database, cache, and message broker by OpenIAM\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"MariaDB / PostgresSQL\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Runs either MariaDB or PostgreSQL as the product repository. MariaDB is configured as the default repository. Aside from these two databases, you can also use a remote database\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"RabbitMQ\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Runs RabbitMQ. RabbitMQ is the message brokering software service for sending and receiving messages between systems\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Vault\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Runs Hashicorp's Vault. Vault secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"ETCD\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Runs ETCD, which is used to store Vault data. ETCD is a distributed key-value store.\")))), mdx(\"p\", null, mdx(\"em\", {\n parentName: \"p\"\n }, \"MariaDB is the default Database. You can change it to PostgreSQL if you prefer. You will not enable both databases.\")), mdx(\"h2\", null, \"Service stacks\"), mdx(\"table\", null, mdx(\"thead\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"thead\"\n }, mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Stack Name\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Description\"))), mdx(\"tbody\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"OpenIAM core services\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Runs services shared across the product.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Identity manager\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Runs the identity manager application. Identity manager automates the task of managing identities across various devices and applications used by the enterprise.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Workflow\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Runs the workflow application. A workflow is a repeatable process during which documents, information, or requests are passed from one participant to another for action, according to a set of procedural rules. A participant can be a person, machine, or both.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Groovy manager\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Runs Groovy Manager, an application for managing Groovy scripts in OpenIAM. Apache Groovy is a dynamic programming language for the Java platform. allows you to add, update, edit, and modify Groovy scripts to extend the identity governance and web access management functionality to meet specific, complex requirements.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Synchronization\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Runs the synchronization application. Synchronization allows you to synchronize data from one or more authoritative sources to a set of managed systems. Synchronization configuration enables monitoring a source system for changes and then updating target systems at scheduled periodic intervals.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Reconciliation\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Runs the reconciliation application. This is two side synchronization between OpenIAM and the target system.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Authorization manager\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Runs the authorization manager. This module handles RBAC authorization via relationships between Users, Organizations, Roles, Groups, and Resources.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"E-mail Manager\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Runs the email manager. Handles sending and receiving email.\")))), mdx(\"h2\", null, \"UI Stack\"), mdx(\"table\", null, mdx(\"thead\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"thead\"\n }, mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Stack Name\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Description\"))), mdx(\"tbody\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Tomcat with three applications\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, mdx(\"span\", null, \"These are:\"), mdx(\"ul\", null, mdx(\"li\", null, mdx(\"strong\", {\n parentName: \"td\"\n }, \"IdP\"), \". The OpenIAM web application which provides centralized authentication and self-service password reset functionality. This application also allows OpenIAM to be configured as both an Identity Provider and a Service Provider.\"), mdx(\"li\", null, mdx(\"strong\", {\n parentName: \"td\"\n }, \"webconsole\"), \". The OpenIAM web application for administrators for managing identities across various devices and applications used by an enterprise, and for controlling access to these devices and applications.\"), mdx(\"li\", null, mdx(\"strong\", {\n parentName: \"td\"\n }, \"SelfService Portal\"), \". The OpenIAM end-user web application that allows users to create new requests, reset and change passwords, manage their profiles, manage access requests, manage challenge response security questions, look up corporate users through a directory search, and reset their accounts if they are locked out. Authorized users can also use the request approval functionality.\")))))), mdx(\"h2\", null, \"Reverse Proxy Stack\"), mdx(\"table\", null, mdx(\"thead\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"thead\"\n }, mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Stack Name\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Description\"))), mdx(\"tbody\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Apache Web server with rProxy\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Gateway between clients and a server for managing inbound traffic to a server.\")))), mdx(\"h1\", null, \"System requirements\"), mdx(\"p\", null, \"The table below specifies the \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"minimum system requirements\"), \" for deploying a non-production OpenIAM v4.2.x instance using Docker.\"), mdx(\"h2\", null, \"MINIMUM hardware requirements\"), mdx(\"p\", null, \"For non-production use, the Linux Host or VM \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"must\"), \" have the following \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"minimum\"), \" configuration:\"), mdx(\"table\", null, mdx(\"thead\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"thead\"\n }, mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Configuration\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Non-Production\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Production (may increase based on sizing)\"))), mdx(\"tbody\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Memory\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"48 GB\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"64 GB\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"CPU\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"8 CPUs\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"12 CPUs\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Disk\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"80 GB\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"200 GB\")))), mdx(\"div\", {\n style: {\n \"border\": \"1px solid #169998\",\n \"marginTop\": \"15px\",\n \"marginBottom\": \"15px\",\n \"paddingTop\": \"10px\",\n \"paddingBottom\": \"10px\",\n \"paddingLeft\": \"5px\",\n \"paddingRight\": \"5px\"\n }\n }, mdx(\"span\", {\n style: {\n \"color\": \"#169998\",\n \"fontWeight\": \"bold\"\n }\n }, \"Please ensure that you are environment is aligned with the minimum system requirements described above. These parameters are not optional. OpenIAM will not start if system resources are below the minimum levels.\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"For production use\"), \": Customers with active subscriptions and partners, should contact OpenIAM Support (\", mdx(\"a\", {\n parentName: \"p\",\n \"href\": \"mailto:techsupport@openiam.com\"\n }, \"techsupport@openiam.com\"), \") for assistance with sizing requirements.\"), mdx(\"h2\", null, \"Software requirements\"), mdx(\"table\", null, mdx(\"thead\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"thead\"\n }, mdx(\"th\", {\n parentName: \"tr\",\n \"align\": null\n }, \"Specification\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"left\"\n }, \"Requirement\"))), mdx(\"tbody\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"OS\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"left\"\n }, \"Ubuntu (22.04 LTS, 24.04 LTS) or Centos8/Centos9/RHEL8/RHEL9/RockyLinux8/RockyLinux9\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"Docker client\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"left\"\n }, \"23.0.1 or higher\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"Docker compose\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"left\"\n }, \"1.28.2 or higher\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"Supported browsers\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"left\"\n }, \"Google Chrome (v89.0.4389.114 and later), Microsoft Edge, Mozilla Firefox (v87 and later).\", mdx(\"br\", null), mdx(\"div\", {\n style: {\n \"border\": \"1px solid #169998\",\n \"marginTop\": \"15px\",\n \"marginBottom\": \"15px\",\n \"paddingTop\": \"10px\",\n \"paddingBottom\": \"10px\",\n \"paddingLeft\": \"5px\",\n \"paddingRight\": \"5px\"\n }\n }, mdx(\"span\", {\n style: {\n \"color\": \"#169998\",\n \"fontWeight\": \"bold\"\n }\n }, \"Note:\"), \" Internet Explorer (IE) is not supported.\"))))), mdx(\"h1\", null, \"Preparing your system\"), mdx(\"p\", null, \"The OpenIAM application requires the configurations described below to be performed prior to installing the application.\"), mdx(\"h2\", null, \"Install pre-requisite packages\"), mdx(\"p\", null, \"Prior to installing the OpenIAM, please execute the commands below to install the required packages. If you have already logged in as \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"root\"), \", you do not need to prefix them with \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"sudo\"), \". If you have used another account, then you need to use \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"sudo\"), \".\"), mdx(\"table\", null, mdx(\"thead\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"thead\"\n }, mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Description\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Command on CentOS 8 Stream\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Command on Ubuntu\"))), mdx(\"tbody\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Update the OS\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"dnf\"), \" update\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"apt-get update\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Install Nano\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"dnf\"), \" install nano\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"apt-get install nano\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Install \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"wget\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"dnf\"), \" install \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"wget\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"apt-get install \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"wget\"))), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Install git\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"dnf\"), \" install git\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"apt-get install git\")))), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Example for CentOS 8 Stream\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"dnf update\\ndnf install nano wget git\\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Example for Ubuntu 22.04\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"apt-get update\\napt-get upgrade\\napt-get install nano wget git\\n\")), mdx(\"h2\", null, \"Update the hosts\\u2019 file\"), mdx(\"p\", null, \"Make sure that your \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"/etc/hosts\"), \" file contains a value for the hostname that you defined earlier. To edit the hosts file, use an editor like Nano.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"127.0.0.1 iam-nonprod\\n\")), mdx(\"h2\", null, \"Settings for OpenSearch and Docker\"), mdx(\"h3\", null, \"OpenSearch\"), mdx(\"p\", null, \"OpenIAM uses OpenSearch as a search engine. To enable fast access, OpenSearch maps portions of an index into its memory address space. This is done through \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"nmap\"), \", a Unix system call that maps files or devices into memory. To use \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"mmap\"), \" effectively, OpenSearch requires sufficient \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"mmap\"), \" counts. The default operating system limits on \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"mmap\"), \" counts are inadequate for the required performance and this may result in out of memory exceptions. The required \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"mmap\"), \" value can be configured by setting the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"vm.max_map_count\"), \" value in \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"/etc/sysctl.conf\"), \" to be at least 262144. To ensure that the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"vm.max_map_count\"), \" persists across restarts, set this value in the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"/etc/sysctl.conf\"), \" file\"), mdx(\"h3\", null, \"Disabling IPv6 on Docker Host\"), mdx(\"p\", null, \"By default, IPv6 is disabled in Docker. Disabling IPv6 on Docker host(s) prevents any potential network issues. To disable IPv6 on host(s) where Docker is running, ensure that the Docker host(s) have the following value set in \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"/etc/sysctl.conf\"), \": \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"net.ipv6.conf.all.disable_ipv6=1\"), \" and \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"net.ipv6.conf.default.disable_ipv6 = 1\"), \".\"), mdx(\"p\", null, \"To summarize, the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"/etc/sysctl.conf\"), \" file must have the following changes.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"vm.max_map_count=262144\\nnet.ipv6.conf.all.disable_ipv6=1\\nnet.ipv6.conf.default.disable_ipv6=1\\n\")), mdx(\"p\", null, \"Save the above changes and then run \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"sudo sysctl -p\"), \" to apply these settings without restarting the system.\"), mdx(\"h1\", null, \"Install the Docker engine\"), mdx(\"p\", null, \"Docker Engine is a containerization technology for building and containerizing applications. Docker Engine acts as a client-server application with:\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"A server with a long-running daemon process \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"dockerd\"), \".\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"APIs which specify interfaces that programs can use to talk to and instruct the Docker daemon.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"A command line interface (CLI) client \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"docker\"), \".\")), mdx(\"p\", null, \"To install the docker engine, follow the OS specific steps below. For, additional information related to the installation of the docker engine can be found at:\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"a\", {\n parentName: \"li\",\n \"href\": \"https://docs.docker.com/engine/install/centos/\"\n }, \"Docker docs for CentOS / RHEL\"), \".\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"a\", {\n parentName: \"li\",\n \"href\": \"https://docs.docker.com/engine/install/ubuntu/\"\n }, \"Docker docs for Ubuntu\"), \".\")), mdx(\"h2\", null, \"Ubuntu\"), mdx(\"h3\", null, \"Setup the repository\"), mdx(\"ol\", null, mdx(\"li\", {\n parentName: \"ol\"\n }, \"Update the apt package index and install packages to allow apt to use a repository over HTTPS.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"sudo apt-get install \\\\\\n ca-certificates \\\\\\n curl \\\\\\n gnupg \\\\\\n lsb-release\\n\")), mdx(\"ol\", {\n \"start\": 2\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, \"Add Docker's official GPG Key.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"sudo mkdir -p /etc/apt/keyrings\\ncurl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg\\n\")), mdx(\"ol\", {\n \"start\": 3\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, \"Use the following command to setup the repository.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"echo \\\\\\n \\\"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \\\\\\n $(lsb_release -cs) stable\\\" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null\\n\")), mdx(\"h3\", null, \"Install the Docker engine\"), mdx(\"ol\", null, mdx(\"li\", {\n parentName: \"ol\"\n }, \"Update the apt package index.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \" sudo apt-get update\\n\")), mdx(\"div\", {\n style: {\n \"border\": \"1px solid #169998\",\n \"marginTop\": \"15px\",\n \"marginBottom\": \"15px\",\n \"paddingTop\": \"10px\",\n \"paddingBottom\": \"10px\",\n \"paddingLeft\": \"5px\",\n \"paddingRight\": \"5px\"\n }\n }, mdx(\"span\", {\n style: {\n \"color\": \"#169998\",\n \"fontWeight\": \"bold\"\n }\n }, \"Note:\"), \" If you receive a GPG error when running apt-get update, then follow the steps below. Your default umask may be incorrectly configured, preventing detection of the repository public key file.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"sudo chmod a+r /etc/apt/keyrings/docker.gpg\\nsudo apt-get update\\n\")), mdx(\"ol\", {\n \"start\": 2\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, \"Install the Docker engine, \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"containerd\"), \", and Docker compose plugin, by executing the following command.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin\\n\")), mdx(\"p\", null, \"You will be asked...\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"Restarting services...\\nDaemons using outdated libraries\\n--------------------------------\\n\\n 1. systemd-journald.service 2. systemd-logind.service 3. systemd-manager 4. systemd-networkd.service 5. systemd-resolved.service 6. user@1000.service 7. none of the above\\n\\nWhich services should be restarted?\\n\")), mdx(\"p\", null, \"... enter the items or ranges you want to select, separated by spaces, as shown below.\"), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"1035px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/0229b310f9024c25ce4c176965d13abc/1e5d2/2-docker-installation-services.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"12.741312741312742%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAADCAYAAACTWi8uAAAACXBIWXMAABJ0AAASdAHeZh94AAAAUUlEQVQI16WOUQrAMAhDLa1S1MDuf9kMS9vvwT4eJiiJ4u5UM6oqReQ/mcmIWIGFqXGMQdslvfdbWLp25/b44mhJgEASwAqez7xhrbXP1Hc1Xxg5Pi+YuVryAAAAAElFTkSuQmCC')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Services to restart\",\n \"title\": \"Services to restart\",\n \"src\": \"/docs-2026.5.1/static/0229b310f9024c25ce4c176965d13abc/e3189/2-docker-installation-services.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/0229b310f9024c25ce4c176965d13abc/a2ead/2-docker-installation-services.png 259w\", \"/docs-2026.5.1/static/0229b310f9024c25ce4c176965d13abc/6b9fd/2-docker-installation-services.png 518w\", \"/docs-2026.5.1/static/0229b310f9024c25ce4c176965d13abc/e3189/2-docker-installation-services.png 1035w\", \"/docs-2026.5.1/static/0229b310f9024c25ce4c176965d13abc/44d59/2-docker-installation-services.png 1553w\", \"/docs-2026.5.1/static/0229b310f9024c25ce4c176965d13abc/1e5d2/2-docker-installation-services.png 1630w\"],\n \"sizes\": \"(max-width: 1035px) 100vw, 1035px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"p\", null, \"To verify the services use the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"systectl status docker\"), \" command.\"), mdx(\"h2\", null, \"CentOS 9 Stream / RHEL 9\"), mdx(\"h3\", null, \"Setup the repository\"), mdx(\"ol\", null, mdx(\"li\", {\n parentName: \"ol\"\n }, \"Install the yum-utils package (which provides the yum-config-manager utility) and set up the stable repository.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"yum install -y yum-utils\\n\\nyum-config-manager \\\\\\n --add-repo \\\\\\n https://download.docker.com/linux/centos/docker-ce.repo\\n\")), mdx(\"h3\", null, \"Install the Docker engine\"), mdx(\"ol\", null, mdx(\"li\", {\n parentName: \"ol\"\n }, \"Install the latest version of Docker Engine and \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"containerd\"), \". The next step is to start the engine.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"yum install docker-ce docker-ce-cli containerd.io\\nsystemctl start docker\\nsystemctl enable docker.service\\nsystemctl enable containerd.service\\nsystemctl service docker\\ndocker -v\\n\")), mdx(\"h3\", null, \"Install Docker compose\"), mdx(\"p\", null, \"Compose is a tool for defining and running multi-container Docker applications such as OpenIAM. With Compose, you use a YAML file to configure your application\\u2019s services. Then, with a single command, you create and start all the services from your configuration. The procedure described below installs version 1.28.2 of Docker Compose on your system.\"), mdx(\"ol\", null, mdx(\"li\", {\n parentName: \"ol\"\n }, \"Run the command below to download the current stable release of Docker Compose.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \" curl -L \\\"https://github.com/docker/compose/releases/download/1.28.2/docker-compose-$(uname -s)-$(uname -m)\\\" -o /usr/local/bin/docker-compose\\nmv /usr/local/bin/docker-compose /usr/bin/docker-compose\\nchmod +x /usr/bin/docker-compose\\ndocker-compose --version\\n\")), mdx(\"ol\", {\n \"start\": 2\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, \"Apply executable permissions to the binary.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"chmod +x /usr/local/bin/docker-compose\\n\")), mdx(\"p\", null, \"To check the version of docker compose, run the command below.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"docker-compose --version\\n\")), mdx(\"h3\", null, \"Verify that Docker engine is installed correctly\"), mdx(\"p\", null, \"Run the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"hello-world\"), \" image.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"docker run hello-world\\n\")), mdx(\"div\", {\n style: {\n \"border\": \"1px solid #169998\",\n \"marginTop\": \"15px\",\n \"marginBottom\": \"15px\",\n \"paddingTop\": \"10px\",\n \"paddingBottom\": \"10px\",\n \"paddingLeft\": \"5px\",\n \"paddingRight\": \"5px\"\n }\n }, mdx(\"span\", {\n style: {\n \"color\": \"#169998\",\n \"fontWeight\": \"bold\"\n }\n }, \"Note:\"), \" If you get the following response when running \", mdx(\"span\", {\n style: {\n \"fontWeight\": \"bold\"\n }\n }, \"docker run hello-world\"), \", then use the work-around below.\"), mdx(\"blockquote\", null, mdx(\"blockquote\", {\n parentName: \"blockquote\"\n }, mdx(\"p\", {\n parentName: \"blockquote\"\n }, \"Status: Downloaded newer image for hello-world:latest\\ndocker: Error response from daemon: cgroups: cgroup mountpoint does not exist: unknown.\\nERRO\", \"[0001]\", \" error waiting for container: context canceled\"))), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Solution:\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"mkdir /sys/fs/cgroup/systemd\\nmount -t cgroup -o none,name=systemd cgroup /sys/fs/cgroup/systemd\\ndocker run hello-world\\n\\n\")), mdx(\"p\", null, \"After successfully running the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"hello-world\"), \" test, we can proceed to installing the application.\"), mdx(\"p\", null, \"Log into OpenIAM Container Registry. In order to login to the container registry over cli use the below command.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"docker login -u {your_name} -p {your_password} registry.openiam.com\\n\")), mdx(\"h2\", null, \"Enable cgroups-v1 support on Ubuntu 24.04 LTS\"), mdx(\"p\", null, \"Ubuntu 24.04 LTS uses \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"cgroup v2\"), \" by default. However, some Docker-based components (such as Elastic Stack images) still rely on \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"cgroup v1\"), \" for memory and resource control. Hence, the cgroup v1 \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"need to be enabled\"), \". The steps below provide guidance on how to do it on Ubuntu 24.04 LTS.\"), mdx(\"ol\", null, mdx(\"li\", {\n parentName: \"ol\"\n }, \"Run the following command to verify and confirm the operating system version.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"cat /etc/os-release\\n\")), mdx(\"p\", null, \"Ensure the output \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"confirms Ubuntu 24.04 LTS\"), \" (Noble Numbat).\\n2. Check Docker\\u2019s cgroup configuration and kernel status with the following commands.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"docker info | grep -i cgroup\\ncat /proc/cgroups\\n\")), mdx(\"p\", null, \"This helps confirm whether the system is currently using cgroup v2.\\n3. View the current GRUB configuration:\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"cat /etc/default/grub\\n\")), mdx(\"p\", null, \"Create a backup copy before making changes as follows.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"sudo cp /etc/default/grub /root/\\n\")), mdx(\"ol\", {\n \"start\": 4\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, \"Edit GRUB Configuration. Open the GRUB configuration file in a text editor\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"sudo vi /etc/default/grub\\n\")), mdx(\"p\", null, \"Modify or append the following parameters.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"GRUB_CMDLINE_LINUX_DEFAULT=\\\"quiet splash systemd.unified_cgroup_hierarchy=0 systemd.legacy_systemd_cgroup_controller=yes\\\"\\nGRUB_CMDLINE_LINUX=\\\"systemd.unified_cgroup_hierarchy=0 systemd.legacy_systemd_cgroup_controller=yes\\\"\\n\")), mdx(\"ol\", {\n \"start\": 5\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, \"Apply GRUB changes. Update GRUB to apply the configuration changes with the following command.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"sudo update-grub\\n\")), mdx(\"ol\", {\n \"start\": 6\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, \"Reboot the system to load the new kernel parameters.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"sudo reboot\\n\")), mdx(\"ol\", {\n \"start\": 7\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, \"After the system reboots, verify that cgroup v1 is active as follows.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"mount | grep cgroup\\ncat /proc/cgroups\\ndocker info | grep -i cgroup\\n\")), mdx(\"p\", null, \"You should see individual cgroup subsystems instead of unified cgroup2.\\n8. Restart Docker service\\nIf Docker is already installed, restart its service after reboot:\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"sudo systemctl restart docker\\n\")), mdx(\"p\", null, \"Use the following checks to \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"confirm successful configuration\"), \".\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"mount | grep cgroup\"), \" shows multiple subsystems (cpu, memory, blkio, etc.)\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"cat /proc/cgroups\"), \". Enabled = 1 for active controllers.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"docker info\"), \". Displays 'Cgroup Version: 1'.\")), mdx(\"h1\", null, \"Configuring Port Assignments in OpenIAM Docker Deployment (Optional)\"), mdx(\"p\", null, \"This section outlines the process for modifying port assignments for the \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Reverse Proxy\"), \" and \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"UI Service\"), \" in an OpenIAM Docker environment.\"), mdx(\"h2\", null, \"Reverse Proxy Port Configuration\"), mdx(\"p\", null, \"By default, the UI service is accessible only via the reverse proxy. If you need to modify the exposed port for the reverse proxy, follow these steps:\"), mdx(\"ol\", null, mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"p\", {\n parentName: \"li\"\n }, \"Open the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"docker-compose.yaml\"), \" file for the reverse proxy:\"), mdx(\"ul\", {\n parentName: \"li\"\n }, mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"File location:\"), mdx(\"br\", {\n parentName: \"li\"\n }), mdx(\"a\", {\n parentName: \"li\",\n \"href\": \"https://bitbucket.org/openiam/openiam-docker-compose/src/5006bbca71707f7375f383c8c5415f0734dc2139/3.2/rproxy/docker-compose.yaml\"\n }, mdx(\"inlineCode\", {\n parentName: \"a\"\n }, \"rproxy/docker-compose.yaml\")), \" \"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Navigate to \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"line 41\"), \", where the \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"ports\"), \" configuration is set.\"))), mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"p\", {\n parentName: \"li\"\n }, \"Update the \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"published port\"), \":\"), mdx(\"ul\", {\n parentName: \"li\"\n }, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Locate the following entry:\", mdx(\"pre\", {\n parentName: \"li\"\n }, mdx(\"code\", {\n parentName: \"pre\"\n }, \"published: 80\\n\"))), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Replace \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"80\"), \" with the desired port number.\"))), mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"p\", {\n parentName: \"li\"\n }, \"Restart the application to apply changes:\"), mdx(\"pre\", {\n parentName: \"li\"\n }, mdx(\"code\", {\n parentName: \"pre\",\n \"className\": \"language-sh\"\n }, \"./shutdown.sh\\n./startup.sh\\n\")))), mdx(\"h2\", null, \"Exposing UI Service Port\"), mdx(\"p\", null, \"By default, the UI service is \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"not exposed\"), \" to the host and is accessible only via the reverse proxy. If a customer requires \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"direct access\"), \" to the UI service, you can manually expose its port by modifying the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"docker-compose.yaml\"), \" file for the UI service.\"), mdx(\"h3\", null, \"Steps to Expose the UI Service Port\"), mdx(\"ol\", null, mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"p\", {\n parentName: \"li\"\n }, \"Open the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"docker-compose.yaml\"), \" file for the UI service:\"), mdx(\"ul\", {\n parentName: \"li\"\n }, mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"File location:\"), mdx(\"br\", {\n parentName: \"li\"\n }), mdx(\"a\", {\n parentName: \"li\",\n \"href\": \"https://bitbucket.org/openiam/openiam-docker-compose/src/main/3.2/ui/docker-compose.yaml\"\n }, mdx(\"inlineCode\", {\n parentName: \"a\"\n }, \"ui/docker-compose.yaml\"))))), mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"p\", {\n parentName: \"li\"\n }, \"Add the following \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"ports\"), \" block to the service definition:\"), mdx(\"pre\", {\n parentName: \"li\"\n }, mdx(\"code\", {\n parentName: \"pre\"\n }, \"ports: \\n - target: 8080 \\n published: 8088\\n protocol: tcp \\n mode: host\\n\")))), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Replace \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"8088\"), \" with the desired port number.\")), mdx(\"ol\", {\n \"start\": 3\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, \"Restart the UI service to apply the changes.\")), mdx(\"h1\", null, \"Installing the OpenIAM application\"), mdx(\"p\", null, \"The installation process allows for a significant amount of flexibility. The steps below describe the minimum number of parameters which need to be configured to install on a single VM. Additional details in the sections referenced by the table below. If you are new to OpenIAM, we recommend starting with the simpler path with a more limited set of options.\"), mdx(\"h2\", null, \"Clone the OpenIAM Docker repository\"), mdx(\"p\", null, \"Next, we need to clone the \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"OpenIAM docker compose\"), \" repository from OpenIAM's Git Repository. This project contains scripts that set environment variables, start and stop the container services. To clone the repository, follow the steps below.\"), mdx(\"p\", null, mdx(\"em\", {\n parentName: \"p\"\n }, \"They should be performed in a Linux terminal window.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"mkdir -p /usr/local/openiam\\ncd /usr/local/openiam\\ngit clone https://bitbucket.org/openiam/openiam-docker-compose.git\\ncd openiam-docker-compose/\\ngit checkout RELEASE-2026.5.1\\n\")), mdx(\"p\", null, \"The cloned repository will contain the following scripts.\"), mdx(\"table\", null, mdx(\"thead\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"thead\"\n }, mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Script\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Description\"))), mdx(\"tbody\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"env.sh\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"File containing environment variables. The required environment variables can be updated and added in this file. The \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"env.sh\"), \" file is sourced during the installation process and the export statements in this file are executed.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"setup.sh\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Script for setting up and updating the OpenIAM configuration. During the initial OpenIAM deployment, this script initializes the network and pulls the latest images from the OpenIAM repository on OpenIAM Container Registry. When updating the OpenIAM deployment, running this script pulls newer images from the OpenIAM Container Registry.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"startup.sh\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Script for starting up the OpenIAM instance. When updating the OpenIAM deployment, running this script updates the configuration on your system with the latest release updates.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, mdx(\"strong\", {\n parentName: \"td\"\n }, \"Warning: Please do not modify this script in any way.\"))), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"shutdown.sh\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Script for shutting down all OpenIAM stacks, except volumes.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"teardown.sh\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Script for tearing down all OpenIAM stacks, volumes, and networks.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"generate.cert.sh\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Script to generate certificates or Vault authentication.\")))), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Additional configuration options\")), mdx(\"table\", null, mdx(\"thead\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"thead\"\n }, mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Section\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Description\"))), mdx(\"tbody\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, mdx(\"a\", {\n parentName: \"td\",\n \"href\": \"2-docker-installation/4-YAML-files\"\n }, \"YAML files\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"YAML configuration files are provided for the services and infrastructure components used within OpenIAM. These files provide configuration information for the containers.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, mdx(\"a\", {\n parentName: \"td\",\n \"href\": \"2-docker-installation/2-Configuration-options\"\n }, \"Configuration options\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Configuration options which will be used during installation.\")))), mdx(\"h2\", null, \"Set the community edition flag\"), mdx(\"p\", null, \"To ensure that the following steps pull the correct container images, update the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"/usr/local/openiam/openiam-docker-compose/env.sh\"), \" file so the \", mdx(\"em\", {\n parentName: \"p\"\n }, \"production tag\"), \" is referenced by setting the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"BUILD_ENVIRONMENT=\\\"dev\\\"\"), \" to \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"BUILD_ENVIRONMENT=\\\"prod\\\"\"), \".\"), mdx(\"p\", null, \"The result should look like in the example below.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"...\\nexport BUILD_ENVIRONMENT=\\\"prod\\\"\\n...\\n\")), mdx(\"h2\", null, \"Initialize Vault\"), mdx(\"p\", null, \"OpenIAM uses a Vault to store secrets, such as database passwords, Redis passwords, etc. Communication with the Vault occurs via a certificate. Follow the steps below to generate the certificate.\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Edit the \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"/usr/local/openiam/openiam-docker-compose/env.sh\"), \" file which was downloaded from the openiam-docker-compose project above.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Set the \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"VAULT_JKS_PASSWORD\"), \" in the env.sh file. This password can be anything that you want.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Run the command, shown below, to generate a CA Certificate.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"In the Enterprise version, you have the option to use an existing CA Certificate from a trusted CA.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"cd /usr/local/openiam/openiam-docker-compose\\nsudo ./generate.cert.sh\\n\")), mdx(\"p\", null, \"You should see output like the example shown below.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"SQL Files exist\\nThis script will generate a keypair that vault will use. Make sure to first set VAULT_JKS_PASSWORD in env.sh\\nPress enter to continue\\nCertificate request self-signature ok\\nsubject=C = CZ, ST = Test, L = Test, O = Test, OU = Test, CN = vault\\nWarning: -clcerts option ignored with -export\\nwriting RSA key\\n\")), mdx(\"p\", null, \"Upon successful completion of the above operation, you should also see several certificates related files as shown in the image below.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"-rw-r--r-- 1 root root 1302 Jan 29 03:09 vault.ca.crt\\n-rw------- 1 root root 1704 Jan 29 03:09 vault.ca.key\\n-rw-r--r-- 1 root root 1180 Jan 29 03:09 vault.crt\\n-rw-r--r-- 1 root root 985 Jan 29 03:09 vault.csr\\n-rw-r--r-- 1 root root 2 Jan 29 03:09 vault.file.srl\\n-rw------- 1 root root 2579 Jan 29 03:09 vault.jks\\n-rw------- 1 root root 1704 Jan 29 03:09 vault.key\\n-rw------- 1 root root 1704 Jan 29 03:09 vault.no_pem.key\\n-rw------- 1 root root 2579 Jan 29 03:09 vault.p12\\n\")), mdx(\"h2\", null, \"Define database ports\"), mdx(\"p\", null, \"Starting with V4.2.0, OpenIAM uses Flyway to manage database schema generation and migrations from one version to the next. This ensures that your database is properly versioned and up to date. OpenIAM supports Flyway versioning for MariaDB, PostgreSQL, and MSSQL, and Oracle 12.2+.\"), mdx(\"p\", null, \"The \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"env.sh\"), \" file defines properties which will be used by Flyway.\"), mdx(\"p\", null, \"At a minimum, you will need to define to set the following parameters.\"), mdx(\"ol\", null, mdx(\"li\", {\n parentName: \"ol\"\n }, \"To enable Flyway, set the following properties in\", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \" env.sh\"), \".\")), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"DB_TYPE\"), \" - This parameter defines the type of database that you will be using as the OpenIAM product repository. My default this value is set to \\\"MariaDB\\\" which is installed by default.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"FLYWAY_OPENIAM_HOST\"), \" \\u2013 Is a host where the OpenIAM database will be residing. This is the primary product schema. If you are using MariaDB or PostgreSQL in a Docker container, set it to \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"database\"), \".\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"FLYWAY_OPENIAM_PORT\"), \" \\u2013 Is a port where the OpenIAM database will be running. Default ports for the supported databases include:\", mdx(\"ul\", {\n parentName: \"li\"\n }, mdx(\"li\", {\n parentName: \"ul\"\n }, \"MariaDB=3306.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Postgres=5432.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Oracle=1521.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Microsoft SQL Server=1433.\"))), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"FLYWAY_ACTIVITI_HOST\"), \" - Is a host where the Activti database will be residing. Activiti is the database used by the workflow engine. If you are using MariaDB or PostgreSQL in a Docker container, set it to \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"database\"), \".\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"FLYWAY_ACTIVITI_PORT\"), \" \\u2013 Is a port where Activiti database, which is used by the workflow engine, will be running.\")), mdx(\"p\", null, \"Example below shows the settings for MariaDB.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"export DB_TYPE=\\\"MariaDB\\\"\\n...\\n\\n# port of the activiti database. If using mariadb, this is likely '3306'. If using postgres, this is likely '5432'\\nexport FLYWAY_ACTIVITI_PORT=3306\\n\\n# host of the activiti database. If using mariadb or postgres in docker, this is likely 'database'\\nexport FLYWAY_ACTIVITI_HOST=database\\n\\n# port of the openiam database. If using mariadb, this is likely '3306'. If using mariadb, this is likely '3306'. If using postgres, this is likely '5432'\\nexport FLYWAY_OPENIAM_PORT=3306\\n\\n# host of the openiam database. If using mariadb or postgres in docker, this is likely 'database'\\nexport FLYWAY_OPENIAM_HOST=database\\n\")), mdx(\"h2\", null, \"Initialize Docker Swarm\"), mdx(\"p\", null, \"Docker uses swarms for cluster management and orchestration features of Docker Engine, the technology for containerizing applications. Docker engines participating in a cluster run in the swarm mode. The swarm mode is enabled by either initializing a swarm, as in the command above, or by joining an existing swarm. For more information, see \", mdx(\"a\", {\n parentName: \"p\",\n \"href\": \"https://docs.docker.com/engine/swarm/\"\n }, \"Docker swarm\"), \" and \", mdx(\"a\", {\n parentName: \"p\",\n \"href\": \"https://docs.docker.com/engine/swarm/key-concepts/\"\n }, \"Swarm mode key concepts\"), \" documentation.\"), mdx(\"p\", null, \"Make sure that you initialize the Docker swarm. Log into Docker and initialize the swarm by entering the following command in a terminal.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"sudo docker swarm init\\n\")), mdx(\"p\", null, \"You will see output like the following.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"Swarm initialized: current node (7risfc2161nwzir4a65po3lro) is now a manager.\\n\\nTo add a worker to this swarm, run the following command:\\n\\n docker swarm join --token SWMTKN-1-15mdug8xi71uap0dgaayqi2ohhl8qxaaeg7m8k6q015yiuqt0j-6ip90bh1rm2td8y9baoya4qlx 173.231.56.82:2377\\n\\nTo add a manager to this swarm, run 'docker swarm join-token manager' and follow the instructions.\\n\")), mdx(\"h2\", null, \"Open ports for Docker Swarm\"), mdx(\"p\", null, \"By default, the shell scripts provided by OpenIAM deploy to the Docker Swarm. You must ensure that the necessary ports are opened otherwise the manager and worker node(s) will not be able to communicate with each other.\"), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Important\"), \". Please consider this information about ports above 30000 used by the swarm from the load balancing section of Docker documentation:\"), mdx(\"blockquote\", null, mdx(\"blockquote\", {\n parentName: \"blockquote\"\n }, mdx(\"p\", {\n parentName: \"blockquote\"\n }, \"The swarm manager uses ingress load balancing to expose the services you want to make available externally to the swarm. The swarm manager can automatically assign the service a PublishedPort or you can configure a PublishedPort for the service. You can specify any unused port. If you do not specify a port, the swarm manager assigns the service a port in the 30000-32767 range.\"))), mdx(\"h2\", null, \"Pull the Docker images\"), mdx(\"p\", null, \"To setup (and/or update) your configuration, you can run the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"setup.sh\"), \" script. This will initialize the network and pull the latest images from OpenIAM Container Registry.\"), mdx(\"p\", null, \"The users, \", mdx(\"em\", {\n parentName: \"p\"\n }, \"familiar with OpenIAM\"), \", can modify the script as required by your internal needs.\"), mdx(\"p\", null, \"Run the setup.sh script as shown below to pull the docker images form OpenIAM Container Registry.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"sudo ./setup.sh\\n\")), mdx(\"p\", null, \"This process will take several minutes. Upon successful completion, you will see the following lines at the end.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"...\\nDigest: sha256:0bb33339f0c06d781eaffb3e78e296f4ad8d1474915e7872e5a9094a8da9ee76\\nStatus: Downloaded newer image for registry.openiam.com/openiam_infra/vault-ce:alpine-2026.5.1-prod\\ndocker.io/registry.openiam.com/openiam_infra/vault-ce:alpine-2026.5.1-prod\\n+ docker pull registry.openiam.com/openiam_infra/vault-bootstrap-ce:alpine-2026.5.1-prod\\nalpine-2026.5.1-prod: Pulling from registry.openiam.com/openiam_infra/vault-bootstrap-ce\\n2408cc74d12b: Pull complete\\ne23a669031d3: Pull complete\\n58d03b857787: Pull complete\\n57690cd8fe01: Pull complete\\nd7ddacc22990: Pull complete\\n601a9aa2e412: Pull complete\\n7286a0f9c14c: Pull complete\\n064aa39d2270: Pull complete\\n9ac4bee4a2c2: Pull complete\\n6f8406638991: Pull complete\\n1a60362ddd04: Pull complete\\naf7fa38835b7: Pull complete\\n45dc28dcb82d: Pull complete\\nDigest: sha256:ef2fadb1bdeded40372a7caf5346e10f9a75b79f4a63db21596ede03c2000ca8\\nStatus: Downloaded newer image for registry.openiam.com/openiam_infra/vault-bootstrap-ce:alpine-2026.5.1-prod\\ndocker.io/registry.openiam.com/openiam_infra/vault-bootstrap-ce:alpine-2026.5.1-prod\\n+ docker pull registry.openiam.com/openiam_service/ui-ce:debian-2026.5.1-prod\\ndebian-2026.5.1-prod: Pulling from registry.openiam.com/openiam_service/ui-ce\\n9621f1afde84: Already exists\\n646a8f97c6a8: Already exists\\n111ef215ea01: Pulling fs layer\\nfb4ccfb62028: Pulling fs layer\\n5780a89424ca: Pulling fs layer\\nac405e1bcaf1: Pulling fs layer\\nc8599e3b267a: Pulling fs layer\\n45c751205584: Pulling fs layer\\nd073c823bebc: Pulling fs layer\\n5cc21ea2eea5: Pull complete\\nba7abde15e29: Pull complete\\nc984fa56e5a0: Pull complete\\nc384c82e524c: Pull complete\\n2f54ac6cc048: Pull complete\\ne571d9818056: Pull complete\\n0a0cdfc4b537: Pull complete\\nc738260940dc: Pull complete\\n9daad2955b32: Pull complete\\n6221693a634b: Pull complete\\n7dbe84e43ad2: Pull complete\\n97e706f13a86: Pull complete\\n4cae4fc929c4: Pull complete\\n43828485f417: Pull complete\\n56bc0ddee1a0: Pull complete\\n3611f7603357: Pull complete\\n2b9b44628925: Pull complete\\n8ac3b6158823: Pull complete\\n9a5c45fad651: Pull complete\\na2e069d4323a: Pull complete\\nc15344a40a9b: Pull complete\\n8b829f3b502c: Pull complete\\nd0c9bb174905: Pull complete\\nDigest: sha256:91626efa38c2580452f4c7f55732ff4c3038c0bdd1f143012ae209c7611dbcf5\\nStatus: Downloaded newer image for registry.openiam.com/openiam_service/ui-ce:debian-2026.5.1-prod\\ndocker.io/registry.openiam.com/openiam_service/ui-ce:debian-2026.5.1-prod\\n\")), mdx(\"h2\", null, \"Start the OpenIAM application\"), mdx(\"p\", null, \"Now you are ready to start the OpenIAM containers. Run the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"startup.sh\"), \" script to initiate the startup process.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"sudo ./startup.sh\\n\")), mdx(\"p\", null, \"You should see output like the example below.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"root@localhost:/usr/local/openiam/openiam-docker-compose# ./startup.sh\\nSQL Files exist\\nUsing MariaDB as the database type...\\nNothing found in stack: flyway\\netcd_storage\\nvault_server_storage\\nvault_client_storage\\nconnector_data_storage\\nfilebeat-storage\\nopeniam-janusgraph-storage\\nupload_storage\\nUnable to find image 'busybox:latest' locally\\nlatest: Pulling from library/busybox\\n9ad63333ebc9: Pull complete\\nDigest: sha256:6d9ac9237a84afe1516540f40a0fafdc86859b2141954b4d643af7066d598b74\\nStatus: Downloaded newer image for busybox:latest\\nCreating service etcd_etcd\\nCreating service vault_vault\\nCreating service vault-bootstrap_vault_bootstrap\\nCreating service curator_curator\\nCreating service openiam-opensearch-storage_service\\nCreating service openiam-jks-storage_service\\nCreating service openiam-activiti-storage_service\\nCreating service openiam-rabbitmq-storage_service\\nCreating service openiam-iamscripts-storage_service\\nCreating service redis_service\\nCreating service opensearch_service\\nCreating service cassandra_cassandra\\nWaiting for cassandra to become running, so that we can bring up janusgraph\\nCreating service janusgraph_service\\nCreating service rabbitmq_service\\nopeniam-mysql-storage_storage\\nCreating service database_database\\nCreating service flyway_flyway\\nCreating service openiam_device-manager\\nCreating service openiam_auth-manager\\nCreating service openiam_groovy_manager\\nCreating service openiam_reconciliation\\nCreating service openiam_email-manager\\nCreating service openiam_synchronization\\nCreating service openiam_business-rules-manager\\nCreating service openiam_idm\\nCreating service openiam_esb\\nCreating service openiam_workflow\\nCreating service ui_ui\\nCreating service ldap-connector_service\\nCreating service rproxy_rproxy\\n\")), mdx(\"p\", null, \"Sometimes, users can get the following error after running the command above.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"+ docker network create --attachable --driver+overlay openiam-private\\ntkb6xv4eq1v4r20tplcjw11\\n+ sleep 5\\n+ docker pull registry.openiam.com/openiam_infra/flyway:debian-2026.5.1-prod\\nError response from daemon: pull access denied for registry.openiam.com/openiam_infra/flyway, reposivtory does not exist or may require 'docker login': denied:requested access to the resourse is denied azureuser@OIAM:/usr/local/openiam/openiam-docker-compose$\\n\")), mdx(\"p\", null, \"In this case, add the following command\\u2026\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"docker\\xA0login -u XXX -p XXX registry.openiam.com\\n\")), mdx(\"p\", null, \".. where \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"-u XXX\"), \" is a username and \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"-p XXX\"), \" is a password.\"), mdx(\"h3\", null, \"Watch the container startup process\"), mdx(\"p\", null, \"The containers may take 8 to 15 minutes (depending on your environment) to startup completely. You can watch the startup process using the command below. \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Note\"), \", that the UI container will take some time to start and will be among the last as it has dependencies on other components being up first.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"watch -n 5 'docker ps'\\n\")), mdx(\"p\", null, \"You should see output like the example below when all containers have started successfully.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"Every 5.0s: docker ps localhost: Tue Jan 30 02:46:06 2024\\n\\nCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES\\nd77654ad06bb registry.openiam.com/openiam_service/synchronization-ce:debian-2026.5.1-prod \\\"docker-entrypoint.sh\\\" 3 hours ago Up 3 hours (healthy) openiam_synchronization.uxe0l47\\nz26ubeags0f6i2h9yt.x9tb0r4zv5ngp7ezpwxd2gkhw\\n4ebcb5b5ccb5 registry.openiam.com/openiam_infra/redis-ce:debian-2026.5.1-prod \\\"redis.sh /run.sh\\\" 3 hours ago Up 3 hours (healthy) 6379/tcp redis_service.1.uyc7pw0n0cqlcxt\\na2svqud46c\\n417519dd58bd registry.openiam.com/openiam_service/groovy-manager-ce:debian-2026.5.1-prod \\\"docker-entrypoint.sh\\\" 3 hours ago Up 3 hours (healthy) openiam_groovy_manager.uxe0l47z\\n26ubeags0f6i2h9yt.ugf9okpghfwrsbkbeayr2151u\\n571bbb9cf8b7 registry.openiam.com/openiam_service/auth-manager-ce:debian-2026.5.1-prod \\\"docker-entrypoint.sh\\\" 3 hours ago Up 3 hours (healthy) openiam_auth-manager.uxe0l47z26\\nubeags0f6i2h9yt.sxgdv885fhs8kdhe42ujz9fns\\n90d6b5611335 registry.openiam.com/openiam_service/mariadb-ce:debian-2026.5.1-prod \\\"init.sh /opt/bitnam\\u2026\\\" 3 hours ago Up 3 hours (healthy) 3306/tcp database_database.1.36foh88mgh2\\nisusgypvq4mds7\\n19b6100351f3 registry.openiam.com/openiam_service/workflow-ce:debian-2026.5.1-prod \\\"docker-entrypoint.sh\\\" 3 hours ago Up 3 hours (healthy) openiam_workflow.uxe0l47z26ubea\\ngs0f6i2h9yt.ja1w84wftb6nej2vlef2lkq6y\\n93ab34fe4c91 registry.openiam.com/openiam_service/device-manager-ce:debian-2026.5.1-prod \\\"docker-entrypoint.sh\\\" 3 hours ago Up 3 hours (healthy) openiam_device-manager.uxe0l47z\\n26ubeags0f6i2h9yt.mefg80i4hsn7dx8hlb99s9yb8\\nd6efe734a8c4 registry.openiam.com/openiam_infra/rabbitmq-ce:alpine-2026.5.1-prod \\\"docker-entrypoint.s\\u2026\\\" 3 hours ago Up 3 hours (healthy) 4369/tcp, 5671-5672/tcp, 15691-15692/tcp, 25672/tcp rabbitmq_service.1.doci1z5ypha5\\nuahoj11zvn5s1\\ne2395b97271a registry.openiam.com/openiam_service/reconciliation-ce:debian-2026.5.1-prod \\\"docker-entrypoint.sh\\\" 3 hours ago Up 3 hours (healthy) openiam_reconciliation.uxe0l47z\\n26ubeags0f6i2h9yt.3jm01yf0sxmasjyhxlot909hc\\nd1c4abdf8eca registry.openiam.com/openiam_service/idm-ce:debian-2026.5.1-prod \\\"docker-entrypoint.sh\\\" 3 hours ago Up 3 hours (healthy) openiam_idm.uxe0l47z26ubeags0f6\\ni2h9yt.1r90ew19ev48ra96pqz3ufe9w\\n9cf6779c52a8 registry.openiam.com/openiam_service/ldap-connector-rabbitmq-ce:debian-2026.5.1-prod \\\"docker-entrypoint.sh\\\" 3 hours ago Up 3 hours (healthy) ldap-connector_service.uxe0l47z\\n26ubeags0f6i2h9yt.m0muld83kpqgrd7leklb44lz0\\n903d5a9ae775 registry.openiam.com/openiam_service/email-manager-ce:debian-2026.5.1-prod \\\"docker-entrypoint.sh\\\" 3 hours ago Up 3 hours (healthy) openiam_email-manager.uxe0l47z2\\n6ubeags0f6i2h9yt.626qka38iht4ggcb917iw3wko\\ndf03660737a4 registry.openiam.com/openiam_service/rproxy-ce:debian-2026.5.1-prod \\\"httpd-foreground\\\" 3 hours ago Up 3 hours (healthy) 0.0.0.0:80->80/tcp, 443/tcp rproxy_rproxy.uxe0l47z26ubeags0\\nf6i2h9yt.4m6f8h5sv1khf0v8ncga356ki\\n4cceeb5c242e registry.openiam.com/openiam_infra/janusgraph-ce:debian-2026.5.1-prod \\\"init.sh janusgraph\\\" 3 hours ago Up 3 hours (healthy) 8182/tcp janusgraph_service.1.8czw1aew0v\\nr95cfru5ms9wumh\\ndc489e4bcf07 bitnami/cassandra:3.11.10 \\\"/opt/bitnami/script\\u2026\\\" 3 hours ago Up 3 hours (healthy) 7000/tcp, 9042/tcp cassandra_cassandra.1.n80icn1rv\\ngxo30787pqporiba\\nc23454f6c49d registry.openiam.com/openiam_infra/vault-ce:alpine-2026.5.1-prod \\\"docker-entrypoint.s\\u2026\\\" 3 hours ago Up 3 hours (healthy) 8200/tcp vault_vault.1.it6b7du4vp2j9j9nj\\n00d4vemk\\n07fda75ba205 registry.openiam.com/openiam_infra/opensearch-ce:debian-2026.5.1-prod \\\"init.sh\\\" 3 hours ago Up 3 hours (healthy) 9200/tcp, 9300/tcp opensearch_service.uxe0l47z2\\n6ubeags0f6i2h9yt.jg4j5rb0hb0cvpdcbu98019ap\\n443ffe2aaddd registry.openiam.com/openiam_service/ui-ce:debian-2026.5.1-prod \\\"docker-entrypoint.s\\u2026\\\" 3 hours ago Up 3 hours (healthy) 8080/tcp ui_ui.uxe0l47z26ubeags0f6i2h9yt\\n.g4fh9r8g1sxabeq5c04zcjhw7\\n5cbfadbc86ac registry.openiam.com/openiam_service/esb-ce:debian-2026.5.1-prod \\\"docker-entrypoint.sh\\\" 3 hours ago Up 3 hours (healthy) 9080/tcp openiam_esb.uxe0l47z26ubeags0f6\\ni2h9yt.ct9wt15av67ub9k486kirjjck\\n690529bf3076 registry.openiam.com/openiam_service/business-rule-manager-ce:debian-2026.5.1-prod \\\"docker-entrypoint.sh\\\" 3 hours ago Up 3 hours (healthy) 9080/tcp openiam_business-rules-manager.\\nuxe0l47z26ubeags0f6i2h9yt.2pkewzi8f32gvwl352ugi7odj\\n70c3c5a7ff51 bitnami/etcd:3.3.13 \\\"/entrypoint.sh etcd\\\" 3 hours ago Up 3 hours 2379-2380/tcp etcd_etcd.1.xkby0e1syswnk1kcjam\\na6pear\\n\\n\")), mdx(\"h3\", null, \"Validate the startup\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"curl -k -I -L http://127.0.0.1/idp/login\\n\")), mdx(\"p\", null, \"You should see output like the example below.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"HTTP/1.1 200\\nDate: Tue, 30 Jan 2024 02:46:46 GMT\\nServer: Apache\\nReport-To: { \\\"group\\\": \\\"csp-endpoint\\\", \\\"max_age\\\": 10886400, \\\"endpoints\\\": [ { \\\"url\\\": \\\"http://127.0.0.1/selfservice/csp/report\\\" } ] }\\nContent-Security-Policy: default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' apis.google.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' *; form-action 'self' 'unsafe-inline' 'unsafe-eval' *; img-src 'self' data:; font-src 'self' *; report-uri /selfservice/csp/report; report-to csp-endpoint\\nReferrer-Policy: strict-origin\\nAccess-Control-Allow-Origin: *\\nX-Frame-Options: sameorigin\\nX-Content-Type-Options: nosniff\\nX-XSS-Protection: 1; mode=block\\nCache-Control: no-cache\\nPragma: no-cache\\nExpires: Wed, 31 Dec 1969 23:59:59 GMT\\nX-UA-Compatible: IE=EmulateIE10\\nx-openiam-force-auth: false\\nx-openiam-login-uri: /idp/login\\nContent-Type: text/html;charset=UTF-8\\nContent-Language: en-US\\nContent-Length: 4666\\nSet-Cookie: SESSION=N2EyYTQ0MjMtZmNlMC00OTlmLTg1NjItNDNmMjBmMjI1MmMy; Path=/; HttpOnly; SameSite=Lax\\nVary: Accept-Encoding\\n\")), mdx(\"p\", null, \"The application is now operational, and you can login.\"), mdx(\"h1\", null, \"First time login\"), mdx(\"p\", null, \"The final validation of our deployment is to be able to login to the OpenIAM web applications. To do this, must first find the IP address of our VM.\"), mdx(\"p\", null, \"Next open your browser (preferably Chrome or Firefox), and hit \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"http://[ip address of your installation ]/webconsole\"), \".\"), mdx(\"p\", null, \"Use the following credentials for the first time login.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"Username: sysadmin\\nPassword: passwd00\\n\")), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"418px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/1b5d4df81e29060c7801f9535bda6b18/d7398/first-timelogin.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"111.58301158301158%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAWCAYAAADAQbwGAAAACXBIWXMAAAsTAAALEwEAmpwYAAADL0lEQVQ4y6WUz2scZRjH9z/QP6AWr4oePOlFhNKTV28evHgTUaSK4KEFabUoKFga223aajRRBOkhiKZURZQaDdskzWZ3000gMSntzs7Or3d+zzvzkWc2u9m1iUR84LvPzPd9nu9+35n3mYrpBBi2j+sn3Kq3+eKzadbam8wvNqivbbKw3GKxscGNX37nh7kfuXxlitnv5qhWrzIxUWWhdhsv0hiWQrQqpaClUGHG9V9rXH7/PS5+eoUPLnzNyQ8needsler0LB9NTHHq5Lu8eeJtzpw+y6uvvMYbr5/gj4UlVJyPC3Ztn54b0Ol5/DS/zM1ag2tz86y2t1lubrGxbdDa2OG3m3/y112D2mKdpZUmy/UWO/dMem5YagwFB6KSVZhiq5j7pocbJNgqwvLCkpOtWV6EG6QlnCAdE5NckZ8BDMun01ND+5JHITsYuy/zXn/pMIgS0kyTpBqdF2Q6J9MF6W6We+H7a6PIh5z0iobthVTkRiLLMgzDQCmFbdso5eG6Lp7nYXa7mKaJZVlDSJ1wjm0zCFeVgllfUGvCMCRJEqIoIo7jPpKk5IUbQPgkSYd8nucURYEjgnGSkWuN1rokD4uBiEB6RaN0mGYZfpDSWd+ma3TY3NoqHfyXSNMUnWV7W5Z/01nfpTxLrfOSOyxKh/muwyjOsJ2YnhVh2RG9XRhmeGjcNwIcN8YLIiquHFiV8n+jZ8d4fkhF+QlGN0KpFNdLHoAzgv3WxYzssNMNUeIwTjNcP8ZyQmw3GsJyI3pOiKdilN9Hnw/HaiSbTkgQpX2Hcmwk9D+2kAPFfm90n5pBr6MCKjJCs9//zMfnP2di8ivOX5rZQ3WGc9UZJqe+5cLVbzhXnR7yJS7NlD3SW1taJUo1lbyAF19+i4ePPsPRJ45z5PFjY3j0yeM89/xLPPXsCxx57NgD69Lz0CNP88nFL0uXFRnqnbv3WG22ad3ZoLm2h5XmOourd7i10mKpvsbtRptGa32sRnqkt2c5qCDuv5SDIilATpSbFvgZeGnxr0enfIYyKYN5lAkZRX9ec4rdiShGJmO8Vpd15cfBdHxMWx2I7gHX+0E+un8Dho9QjLJzmVUAAAAASUVORK5CYII=')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"OpenIAM Login page\",\n \"title\": \"OpenIAM Login page\",\n \"src\": \"/docs-2026.5.1/static/1b5d4df81e29060c7801f9535bda6b18/d7398/first-timelogin.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/1b5d4df81e29060c7801f9535bda6b18/a2ead/first-timelogin.png 259w\", \"/docs-2026.5.1/static/1b5d4df81e29060c7801f9535bda6b18/d7398/first-timelogin.png 418w\"],\n \"sizes\": \"(max-width: 418px) 100vw, 418px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"p\", null, \"The next screen will ask you to change the default password. As you enter your new password, you will see the password policy on the side. Your password must align with this policy. You will be able to change both the password and the policy later\"), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"428px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/b925a5c34ab913386d7545023d8dd01a/47730/change-password.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"132.81853281853282%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAbCAYAAAB836/YAAAACXBIWXMAAAsTAAALEwEAmpwYAAADPElEQVRIx5WVa08TQRSG+//8GfpFf4Ga+EETYiASlYjXqOANEm+gJAgokRCxhkhCIkkBU2ipvWzb3e51Zm99zZnd2U5rG+IkT87szszpOe85s821Oi6IpuHAsBgOyw0cnmjw/Bim68NhIWwWinlVM1Ajmh2Uq03xfFJrom164jz5yUlnuunhROvgzu172Fpdw8f1PJbXv2NxZRNLn7fwZukLZp/PY3r6Aaam7mJ8/AauXR3D05kXCLpAo23967BUN/D44Qzmn8zg+vQr3Hr0Gjfuz2P2zQpevlvD2PVJ3Lw5hfHxSUxMTOLypStY/LAMLxhwmKVsM/w+0bBfquFr/hcKxRoqDQOlahv1loXDo4o4+Keh46hcQ7Who6rp2XnhkCYSjSK1PHRsLqxuMRE5QZsNmwtLmtEa2VaqnySXbJB4iZXvOgrq+1FQhKbD0O12EccJURT1iGNEUdyzGRHCFFqjc+TDYz5ylsMhB700TRO6rqPRaAgrabfbAsMw+p59v3fe4z5FyFNnPacERdFqtQSaponDZIkgCLK9qu1zKMOWxHGaWhj2Qc5oTe4h+iK0PR+MMVQqlYxarSao1+sjUfcUCgUROQ/CxKHrutjd3cXOzo6wx8fHKJfLKJVKp0IBLCws4OBgH2HURc52ffi+j2azmQk9COk4ao2gItm2DcaDRMNuN870GIaq17C1pDCxLAoTC/QLlmXBcZxsTlAbkaV3sgCycHKsrq6Kc0JDipA2DlaTUKtM81FRUs9S9UXK1pCU1daRz8NaSP6QjFrcFJkyVZrSIitTlOkTdFDtU5V8/gc8zwX3w55DqjTnvM+qczXyQX7t7YEzBubLlNNbMUojWiONRpFVWU2ZovA8Bsa5gKfQLVJ1GoQGXQQ6n/YhExH6nMN1bDDPFZCWpCHpSeIPDvXDsLGxIfYLDa20baiHPD+BB1Hfx0KmPYq+xo7DEOuFOs5Mf8WFuW2cn9sW8097f8TGMEqama4XpUb3l6xKsVgUV1AUJQxC5Isazs5+w+X3O7j49ifOPdvC5mFdOIrS20E3Rn5hBqlWqzA7ncQhaagok6Lq1O19fU8Zosr0x6KbDtpD0P+TlmHjL6mBAHP5Ihi1AAAAAElFTkSuQmCC')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Change password\",\n \"title\": \"Change password\",\n \"src\": \"/docs-2026.5.1/static/b925a5c34ab913386d7545023d8dd01a/47730/change-password.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/b925a5c34ab913386d7545023d8dd01a/a2ead/change-password.png 259w\", \"/docs-2026.5.1/static/b925a5c34ab913386d7545023d8dd01a/47730/change-password.png 428w\"],\n \"sizes\": \"(max-width: 428px) 100vw, 428px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"p\", null, \"The next step is to define a content provider using the screen shown below. A \", mdx(\"a\", {\n parentName: \"p\",\n \"href\": \"../getting-started/21-concepts\"\n }, \"Content provider\"), \" is an alias that represents a domain. Associated with the content provider can be UI themes, authentication policies, etc. The table below describes the fields on this screen.\"), mdx(\"table\", null, mdx(\"thead\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"thead\"\n }, mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Name\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Description\"))), mdx(\"tbody\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Content Provider Name\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"You can think of a content provider an \\u201Calias\\u201D which represents a domain. This is described in more detail in the OpenIAM documentation. For this setup, please enter a value such as: Default CP.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Domain Pattern\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"This value is defaulted in. It should be the IP address or host DNS name of the instance where OpenIAM has been installed\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Application supports SSL?\"), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"This configuration determines if the OpenIAM application will be accessed over HTTP or HTTPS. Unless, you have already configured the certificate, select \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"Support on HTTP\"), \". You will be able to update this configuration later.\")))), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"766px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/f715ce7467f0b6823a62d0ae41fda405/f7616/content-provider.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"114.28571428571428%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAXCAYAAAALHW+jAAAACXBIWXMAAAsTAAALEwEAmpwYAAAC7UlEQVQ4y62U30tUQRTH79/SWxuoPYRiCtVLD8JqUUG/xIfQfj+kCVEgSVBr2INpPmgSIQlqkD5ov1AwiMBC113dVTFb15+Ieu+d+3Puj2/M3N2rW1YrNPDh3Dlz+N4558yMkHu4DHlFJ5BXdJJzsNgjp7AMgfwgDhSUIpCfJpiiFIGUn68XlGJ/ak2IxmYRm55DOBJHZHIa45EYJxz15hPROCYmve/I1IzvS6+HIzE+ZxpT8TkIpkmxsLiK74lFzCeWOInkMn4sLCORXPEt/05u+7y4FW7ZPLm0BpmoEF52DyJQdA7FwSsoLKni5B4tR86R7Mk7VoF9h06h9n4zhLHIDJ60dqGloxdNbd1o6XiNp+09aGrrQVN7djQ/70Xjsy68HfoCAf95CJZlQ5JliKIEXTfAamqYJrd7hlIItm1D1zVIkghNUwG4qX+5cN29wbQE23ZAFBOKSiETzxKFQtMtuK4Dx8mOHYI2VFXnKIoGQlQfFrSXwYS5IEtVUQg0TeMYug5KTV8wm3R9QdYUUSQQxS3IvDkiWBmyFcqsoQOBUhsbm2xnCt+drut7TjUjZa+gTuovKetk3wy/KcyypnwcGUXFjQe4fqcRV2sfo7I6hMrqRzvsvwjh8u0GXLhWj7bOfgh9gyMoOV+Ds1V1OHPpHoIXa1Fyrob7sqW0vBbHT99EqLmTNcWCKEmQJJkjywQyIZ79FfL7GjsdqxsSxufXYVHTqyE7Juy26Nz+DQ26qkDXtmNNQ8cWUTG7IsFlNWSCqqryXRJCQCnljfGK7fqwhpk2QMxUR/0Yh50v7rPSV88wKVRN42K7Dtc7l9iagxV/DzU8zruaPqtMg4mx8gn8MbAMWBqBaRjcyYQzMUEdwFqPw4gOQPw2CmoaoNTi8RnP1/y6jHfRRQzHV7BBNDj2boLWtigAG/DFWB0/DH9G38AQvo5FIXyaXUNd/zgeDkaQ3FRTD9efhuulv+MmGYaJ+oZW3LobwotXb/AT1WlO/99bm2AAAAAASUVORK5CYII=')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Define initial content provider\",\n \"title\": \"Define initial content provider\",\n \"src\": \"/docs-2026.5.1/static/f715ce7467f0b6823a62d0ae41fda405/f7616/content-provider.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/f715ce7467f0b6823a62d0ae41fda405/a2ead/content-provider.png 259w\", \"/docs-2026.5.1/static/f715ce7467f0b6823a62d0ae41fda405/6b9fd/content-provider.png 518w\", \"/docs-2026.5.1/static/f715ce7467f0b6823a62d0ae41fda405/f7616/content-provider.png 766w\"],\n \"sizes\": \"(max-width: 766px) 100vw, 766px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"p\", null, \"After setting the content provider, you will be taken to the challenge questions page. These questions will be used to reset your admin account if you lock yourself out. Make a note of your answers.\"), mdx(\"div\", {\n className: \"note-box note\"\n }, mdx(\"i\", {\n className: \"material-icons\"\n }, \"note\"), mdx(\"span\", {\n className: \"mcFormatColor\"\n }, \"Note: \"), \"You will be able to update your password policy later. At that time, you can decide if you want to use challenge questions and/or some other method.\"), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"764px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/cb10e4db7d02acc67789c78edfece801/f3c12/challengequestions.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"116.98841698841697%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAXCAYAAAALHW+jAAAACXBIWXMAAAsTAAALEwEAmpwYAAABqklEQVQ4y6WUPU/DMBCG8/+XDvyDDh2AIlWwMXVBoApaRKFSly4MqITmy3G+86LXcFFSUqhFpEeOnbs357uzHdeP0ebdU/DjHI/LNcanF5hc3+DsaorR2SWGwxEGgxOcjycIdYHtLsK+v0OBNltPmQ+vbx+YLVaY3i0xf9ng4WmN+8UzbmdzrNYbuIHGdtf1Jc4u1PBIlMALBY1ApYizCjorv+F7jaQAVFJ8+YRdH+IAQJZlUEohjuMGpWIEQQDf980YhmEzRlHUseWcGnycuq5RVRWKokBZlgbOkyRpnCnEkXOitW5s21DLyfPcGKRp2oF/tIEB0K8RJFzkFrjGKPui6ENs6W8EKSKiEi3Xj4URMi2NoEQn0IA5PRZqMLdGMOsRtBH7IdjOocA1W0G2lxHkglRVRn7Y/8lvSJoo3MkhBSXCYyss0Ke3yny3rbJU+mCVbfpQTpnned0qywlp58PmpHBnjWD7oBPb/DFC13VNYJ0qC/vn+i/aHWIEpcL/xQhyy7wLCUPmyA+2l0PTNhRMtLa+rg4Wpe/o2UbYaZu8p8o2bSN2cjl8AvGq+h0PG0xkAAAAAElFTkSuQmCC')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Challenge questions\",\n \"title\": \"Challenge questions\",\n \"src\": \"/docs-2026.5.1/static/cb10e4db7d02acc67789c78edfece801/f3c12/challengequestions.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/cb10e4db7d02acc67789c78edfece801/a2ead/challengequestions.png 259w\", \"/docs-2026.5.1/static/cb10e4db7d02acc67789c78edfece801/6b9fd/challengequestions.png 518w\", \"/docs-2026.5.1/static/cb10e4db7d02acc67789c78edfece801/f3c12/challengequestions.png 764w\"],\n \"sizes\": \"(max-width: 764px) 100vw, 764px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"p\", null, \"After completing the above steps, you will be taken the admin console landing page shown below. Allow the system about 5 min to refresh in the internal cache and then you can proceed to configure your solution.\"), mdx(\"p\", null, mdx(\"span\", {\n parentName: \"p\",\n \"className\": \"gatsby-resp-image-wrapper\",\n \"style\": {\n \"position\": \"relative\",\n \"display\": \"block\",\n \"marginLeft\": \"auto\",\n \"marginRight\": \"auto\",\n \"maxWidth\": \"360px\"\n }\n }, \"\\n \", mdx(\"a\", {\n parentName: \"span\",\n \"className\": \"gatsby-resp-image-link\",\n \"href\": \"/docs-2026.5.1/static/660795e3721a67546447d34dd251f0e4/f21e7/landing-page.png\",\n \"style\": {\n \"display\": \"block\"\n },\n \"target\": \"_blank\",\n \"rel\": \"noopener\"\n }, \"\\n \", mdx(\"span\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-background-image\",\n \"style\": {\n \"paddingBottom\": \"38.22393822393822%\",\n \"position\": \"relative\",\n \"bottom\": \"0\",\n \"left\": \"0\",\n \"backgroundImage\": \"url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAICAYAAAD5nd/tAAAACXBIWXMAAAsTAAALEwEAmpwYAAABUUlEQVQoz51Q20oCURSdr6mU8MVbEBYEUo0XfLF0LIMgFSFQ6imloG/qD/oHv8HyNmdmdG7nzIqzx8awnjqw2OvsvVisvZXcWQPxbAmJoyoy+SaOyx1kT2+ROtGQy1eRzFWwly4gliliJ6kiJnm6QDyeKRJ2UyoShxXsH5SgaJ0hLu6eoGp93Ny/otF9Jn7VfUG9PYSq9XDZGpDmvN5DvTNErT0gXmsN1po+ys1HlK4foFhsDtsyMP0Yg80mWJkMK0MPITn91zC3YDAsf+gkV2ZsCd2y4fkcnueBC4H/PhEEUD4XJma6BdfzyNB1XapCiF8IguDPfjgT4JxDmSxMzI0lGTHGIoHjOCSQ8HmYWtd12LZNXFbaiOY80pKhXFs2fd+PDL/FQgQQ3gq2xWA7LiWRSTfzTcofhlZ0OyneQIC60xFG728YT1l4q/X62+Bc4AuYbSPXSLA5nwAAAABJRU5ErkJggg==')\",\n \"backgroundSize\": \"cover\",\n \"display\": \"block\"\n }\n }), \"\\n \", mdx(\"img\", {\n parentName: \"a\",\n \"className\": \"gatsby-resp-image-image\",\n \"alt\": \"Webconsole landing page\",\n \"title\": \"Webconsole landing page\",\n \"src\": \"/docs-2026.5.1/static/660795e3721a67546447d34dd251f0e4/f21e7/landing-page.png\",\n \"srcSet\": [\"/docs-2026.5.1/static/660795e3721a67546447d34dd251f0e4/a2ead/landing-page.png 259w\", \"/docs-2026.5.1/static/660795e3721a67546447d34dd251f0e4/f21e7/landing-page.png 360w\"],\n \"sizes\": \"(max-width: 360px) 100vw, 360px\",\n \"style\": {\n \"width\": \"100%\",\n \"height\": \"100%\",\n \"margin\": \"0\",\n \"verticalAlign\": \"middle\",\n \"position\": \"absolute\",\n \"top\": \"0\",\n \"left\": \"0\"\n },\n \"loading\": \"lazy\",\n \"decoding\": \"async\"\n }), \"\\n \"), \"\\n \")), mdx(\"h1\", null, \"Frequently used commands with Docker\"), mdx(\"p\", null, \"The following commands are frequently used with Docker.\"), mdx(\"table\", null, mdx(\"thead\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"thead\"\n }, mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Command\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Description\"))), mdx(\"tbody\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"./startup.sh\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Starts the OpenIAM Docker containers.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"./shutdown.sh\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Stops the OpenIAM Docker containers.\", mdx(\"br\", null), \"Ensure that all containers have stopped before restarting. You can validate that the containers have stopped using the \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"docker ps\"), \" command.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"docker ps\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Shows all the containers which are running.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"watch -n 5 'docker ps'\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Allows you to observe the docker containers. The view is refreshed every \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"-n\"), \" seconds.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"docker logs [container id]\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Shows the logs related to the Container ID. You can get the Container ID from the \", mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"docker ps\"), \" command.\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"docker exec -it [container id] bash\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Allows connecting to the container\")), mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, mdx(\"inlineCode\", {\n parentName: \"td\"\n }, \"docker restart -t [time] [container id]\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": \"right\"\n }, \"Allows you to restart a container. Time is the number seconds to wait after stopping a container and starting it again.\")))), mdx(\"h3\", null, \"Additional resources\"), mdx(\"p\", null, mdx(\"iframe\", {\n width: \"1141\",\n height: \"642\",\n src: \"https://www.youtube.com/embed/SyakEHJK-Fo\",\n title: \"YouTube video player\",\n frameBorder: \"0\",\n allow: \"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture\",\n allowFullScreen: true\n })));\n}\n;\nMDXContent.isMDXComponent = true;","tableOfContents":{"items":[{"items":[{"items":[{"items":[{"url":"#what-is-docker","title":"What is Docker?"}]}]}]},{"url":"#openiam-on-docker","title":"OpenIAM on Docker"},{"url":"#openiam-solution-stacks","title":"OpenIAM solution stacks","items":[{"url":"#critical-infrastructure-stacks","title":"Critical infrastructure stacks"},{"url":"#service-stacks","title":"Service stacks"},{"url":"#ui-stack","title":"UI Stack"},{"url":"#reverse-proxy-stack","title":"Reverse Proxy Stack"}]},{"url":"#system-requirements","title":"System requirements","items":[{"url":"#minimum-hardware-requirements","title":"MINIMUM hardware requirements"},{"url":"#software-requirements","title":"Software requirements"}]},{"url":"#preparing-your-system","title":"Preparing your system","items":[{"url":"#install-pre-requisite-packages","title":"Install pre-requisite packages"},{"url":"#update-the-hosts-file","title":"Update the hosts’ file"},{"url":"#settings-for-opensearch-and-docker","title":"Settings for OpenSearch and Docker","items":[{"url":"#opensearch","title":"OpenSearch"},{"url":"#disabling-ipv6-on-docker-host","title":"Disabling IPv6 on Docker Host"}]}]},{"url":"#install-the-docker-engine","title":"Install the Docker engine","items":[{"url":"#ubuntu","title":"Ubuntu","items":[{"url":"#setup-the-repository","title":"Setup the repository"},{"url":"#install-the-docker-engine-1","title":"Install the Docker engine"}]},{"url":"#centos-9-stream--rhel-9","title":"CentOS 9 Stream / RHEL 9","items":[{"url":"#setup-the-repository-1","title":"Setup the repository"},{"url":"#install-the-docker-engine-2","title":"Install the Docker engine"},{"url":"#install-docker-compose","title":"Install Docker compose"},{"url":"#verify-that-docker-engine-is-installed-correctly","title":"Verify that Docker engine is installed correctly"}]},{"url":"#enable-cgroups-v1-support-on-ubuntu-2404-lts","title":"Enable cgroups-v1 support on Ubuntu 24.04 LTS"}]},{"url":"#configuring-port-assignments-in-openiam-docker-deployment-optional","title":"Configuring Port Assignments in OpenIAM Docker Deployment (Optional)","items":[{"url":"#reverse-proxy-port-configuration","title":"Reverse Proxy Port Configuration"},{"url":"#exposing-ui-service-port","title":"Exposing UI Service Port","items":[{"url":"#steps-to-expose-the-ui-service-port","title":"Steps to Expose the UI Service Port"}]}]},{"url":"#installing-the-openiam-application","title":"Installing the OpenIAM application","items":[{"url":"#clone-the-openiam-docker-repository","title":"Clone the OpenIAM Docker repository"},{"url":"#set-the-community-edition-flag","title":"Set the community edition flag"},{"url":"#initialize-vault","title":"Initialize Vault"},{"url":"#define-database-ports","title":"Define database ports"},{"url":"#initialize-docker-swarm","title":"Initialize Docker Swarm"},{"url":"#open-ports-for-docker-swarm","title":"Open ports for Docker Swarm"},{"url":"#pull-the-docker-images","title":"Pull the Docker images"},{"url":"#start-the-openiam-application","title":"Start the OpenIAM application","items":[{"url":"#watch-the-container-startup-process","title":"Watch the container startup process"},{"url":"#validate-the-startup","title":"Validate the startup"}]}]},{"url":"#first-time-login","title":"First time login"},{"url":"#frequently-used-commands-with-docker","title":"Frequently used commands with Docker","items":[{"items":[{"url":"#additional-resources","title":"Additional resources"}]}]}]},"parent":{"relativePath":"installation/2-docker-installation.md"},"frontmatter":{"metaTitle":"Deploying via Docker","metaDescription":"This page describes how to deploy OpenIAM in Docker"}},"allMdx":{"edges":[{"node":{"fields":{"slug":"/admin","title":"Administration guide"}}},{"node":{"fields":{"slug":"/appendix","title":"Appendix"}}},{"node":{"fields":{"slug":"/changelog","title":"Change log"}}},{"node":{"fields":{"slug":"/connectorconfig","title":"IdM Connectors"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice","title":"End user guide for SelfService portal"}}},{"node":{"fields":{"slug":"/ssocatalog","title":"SSO Catalog"}}},{"node":{"fields":{"slug":"/getting-started","title":"Getting Started"}}},{"node":{"fields":{"slug":"/troubleshooting","title":"FAQ / Troubleshooting"}}},{"node":{"fields":{"slug":"/developerguide","title":"Developer Guide"}}},{"node":{"fields":{"slug":"/whatsnew","title":"What's new in OpenIAM"}}},{"node":{"fields":{"slug":"/installation","title":"Installing OpenIAM"}}},{"node":{"fields":{"slug":"/admin/0-login","title":"Logging in to the admin portal"}}},{"node":{"fields":{"slug":"/admin/1-exportimport","title":"Import / Export"}}},{"node":{"fields":{"slug":"/","title":"Welcome to the OpenIAM Documentation"}}},{"node":{"fields":{"slug":"/admin/1-usradmin","title":"User administration"}}},{"node":{"fields":{"slug":"/admin/10-consent-management","title":"Consent management"}}},{"node":{"fields":{"slug":"/admin/10-password","title":"Password policy"}}},{"node":{"fields":{"slug":"/admin/12-administration","title":"Administration"}}},{"node":{"fields":{"slug":"/admin/13-selfregistration","title":"Self-registration"}}},{"node":{"fields":{"slug":"/admin/15-audit","title":"Audit"}}},{"node":{"fields":{"slug":"/admin/14-Help.Desk.User.Profile.Protection","title":"HelpDesk profile protection"}}},{"node":{"fields":{"slug":"/admin/18-services-passwd-change-k8","title":"Password update for OpenIAM services in Kubernetes"}}},{"node":{"fields":{"slug":"/admin/2-authentication","title":"Authentication"}}},{"node":{"fields":{"slug":"/admin/20-virtual-tentant-by-org","title":"Enabling a virtual tenant by organization"}}},{"node":{"fields":{"slug":"/admin/21-graph-rebuild","title":"Rebuilding OpenIAM's in-memory authorization graph"}}},{"node":{"fields":{"slug":"/admin/3-authz","title":"Managing access"}}},{"node":{"fields":{"slug":"/admin/22-token-session-util","title":"Session management utility for RPM"}}},{"node":{"fields":{"slug":"/admin/4-app-onboarding","title":"Application onboarding"}}},{"node":{"fields":{"slug":"/admin/16-admin-pswd-change","title":"Password reset for administrator's account"}}},{"node":{"fields":{"slug":"/admin/19-reports","title":"OpenIAM report services"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov","title":"Requests / Approval"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle","title":"Automated provisioning"}}},{"node":{"fields":{"slug":"/admin/8-sso","title":"Federation / SSO to applications"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy","title":"Access gateway"}}},{"node":{"fields":{"slug":"/appendix/1-self-signedcert","title":"Generate Self-signed Cert"}}},{"node":{"fields":{"slug":"/admin/7-access-cert","title":"User access review"}}},{"node":{"fields":{"slug":"/appendix/2-openssl","title":"Install OpenSSL"}}},{"node":{"fields":{"slug":"/appendix/4-prepforprod","title":"Prepare for Production"}}},{"node":{"fields":{"slug":"/changelog/12-Release-4.2.1.6","title":"Release 4.2.1.6"}}},{"node":{"fields":{"slug":"/changelog/13-Release-4.2.1.7","title":"Release 4.2.1.7"}}},{"node":{"fields":{"slug":"/changelog/14-Release-4.2.1.8","title":"Release 4.2.1.8"}}},{"node":{"fields":{"slug":"/changelog/11-Release-4.2.1.5","title":"Release 4.2.1.5"}}},{"node":{"fields":{"slug":"/changelog/15-Release-4.2.1.9","title":"Release 4.2.1.9"}}},{"node":{"fields":{"slug":"/appendix/3-installopenldap","title":"Install OpenLDAP on Ubuntu"}}},{"node":{"fields":{"slug":"/changelog/18-Release-4.2.1.12","title":"Release 4.2.1.12"}}},{"node":{"fields":{"slug":"/changelog/16-Release-4.2.1.10","title":"Release 4.2.1.10"}}},{"node":{"fields":{"slug":"/changelog/17-Release-4.2.1.11","title":"Release 4.2.1.11"}}},{"node":{"fields":{"slug":"/changelog/20-Release-4.2.1.14","title":"Release 4.2.1.14"}}},{"node":{"fields":{"slug":"/changelog/21-Release-4.2.1.15","title":"Release 4.2.1.15"}}},{"node":{"fields":{"slug":"/changelog/22-v2026.1.1","title":"Changelog for v2026.1.1"}}},{"node":{"fields":{"slug":"/connectorconfig/2-configparam","title":"Connector parameters"}}},{"node":{"fields":{"slug":"/connectorconfig/4-troubleshootingconnector","title":"Provisioning operations troubleshooting"}}},{"node":{"fields":{"slug":"/connectorconfig/JDBC","title":"JDBC connector"}}},{"node":{"fields":{"slug":"/connectorconfig/LDAP","title":"LDAP connector"}}},{"node":{"fields":{"slug":"/connectorconfig/SAPUME","title":"SAP UME connector"}}},{"node":{"fields":{"slug":"/connectorconfig/adp","title":"ADP connector"}}},{"node":{"fields":{"slug":"/connectorconfig/aerospike","title":"Aerospike connector"}}},{"node":{"fields":{"slug":"/changelog/19-Release-4.2.1.13","title":"Release 4.2.1.13"}}},{"node":{"fields":{"slug":"/connectorconfig/linux","title":"Linux connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft","title":"Microsoft Application Connectors"}}},{"node":{"fields":{"slug":"/connectorconfig/aws","title":"AWS connector"}}},{"node":{"fields":{"slug":"/connectorconfig/oracle","title":"Oracle RDBMS connector"}}},{"node":{"fields":{"slug":"/connectorconfig/oracleebs","title":"Oracle EBS connector"}}},{"node":{"fields":{"slug":"/connectorconfig/postgresql","title":"PostgreSQL connector"}}},{"node":{"fields":{"slug":"/connectorconfig/rexx","title":"Rexx connector"}}},{"node":{"fields":{"slug":"/connectorconfig/gsuite","title":"GSuite connector"}}},{"node":{"fields":{"slug":"/connectorconfig/scim","title":"SCIM connector"}}},{"node":{"fields":{"slug":"/connectorconfig/sap","title":"SAP S/4 Hana connector"}}},{"node":{"fields":{"slug":"/connectorconfig/scriptConnector","title":"Groovy Script connector"}}},{"node":{"fields":{"slug":"/connectorconfig/tableau","title":"Tableau connector"}}},{"node":{"fields":{"slug":"/developerguide/10-OpenIAM-opensource-rep","title":"OpenIAM open source repository"}}},{"node":{"fields":{"slug":"/connectorconfig/workday","title":"Workday connector"}}},{"node":{"fields":{"slug":"/developerguide/1-custom-css","title":"Customizing branding"}}},{"node":{"fields":{"slug":"/developerguide/3-whitelisting","title":"Whitelisting packages"}}},{"node":{"fields":{"slug":"/developerguide/4-scheduledtasks","title":"Batch/Scheduled tasks"}}},{"node":{"fields":{"slug":"/connectorconfig/freeIPA","title":"FreeIPA connector"}}},{"node":{"fields":{"slug":"/developerguide/5-datamodel","title":"Data model"}}},{"node":{"fields":{"slug":"/developerguide/2-api","title":"RESTful API"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization","title":"Synchronization Scripts"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/1-login","title":"Logging in to SelfService portal"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice","title":"Operations via SelfService portal"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/7-useraccess","title":"User access rights"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest","title":"Request management"}}},{"node":{"fields":{"slug":"/getting-started/1-what_is_openiam","title":"What is OpenIAM?"}}},{"node":{"fields":{"slug":"/getting-started/2-productarchitecture","title":"Platform architecture"}}},{"node":{"fields":{"slug":"/getting-started/3-install_openiam","title":"Installing OpenIAM"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/6-singlesignon","title":"Single sign-on"}}},{"node":{"fields":{"slug":"/getting-started/21-concepts","title":"Concepts"}}},{"node":{"fields":{"slug":"/getting-started/5-connecting","title":"Connecting to an authoritative source"}}},{"node":{"fields":{"slug":"/developerguide/6-ide","title":"Script development using an IDE"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding","title":"Application onboarding"}}},{"node":{"fields":{"slug":"/getting-started/7-selfservice-pswd","title":"SelfService password reset"}}},{"node":{"fields":{"slug":"/getting-started/31-planning-workforce","title":"Discovery questions"}}},{"node":{"fields":{"slug":"/getting-started/9-openiam-as-IdP","title":"Integrating OpenIAM as your IdP"}}},{"node":{"fields":{"slug":"/getting-started/8-openiam-with-IdP","title":"Integrating OpenIAM with your IdP"}}},{"node":{"fields":{"slug":"/getting-started/99-multifactor-authentication","title":"Configuring multi-factor authentication"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning","title":"Automated user provisioning"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation","title":"Deploying via RPM on Linux"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation","title":"Deploying to Kubernetes"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation","title":"Deploying on OpenShift"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation","title":"Deploying via Docker"}}},{"node":{"fields":{"slug":"/installation/8-sizing","title":"Sizing recommendations"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous","title":"Miscellaneous related articles"}}},{"node":{"fields":{"slug":"/ssocatalog/AWS","title":"AWS SSO"}}},{"node":{"fields":{"slug":"/ssocatalog/Gsuite","title":"GSuite SSO"}}},{"node":{"fields":{"slug":"/ssocatalog/Freshdesk","title":"Freshdesk SSO"}}},{"node":{"fields":{"slug":"/installation/9-data_migration","title":"OpenIAM data migration"}}},{"node":{"fields":{"slug":"/ssocatalog/Azure","title":"Azure SSO"}}},{"node":{"fields":{"slug":"/ssocatalog/Office365","title":"Office365 SSO"}}},{"node":{"fields":{"slug":"/ssocatalog/Salesforce","title":"Salesforce.com"}}},{"node":{"fields":{"slug":"/ssocatalog/okta","title":"Okta SSO"}}},{"node":{"fields":{"slug":"/troubleshooting/cluster","title":"Cluster"}}},{"node":{"fields":{"slug":"/troubleshooting/connectors","title":"Connectors"}}},{"node":{"fields":{"slug":"/troubleshooting/docker","title":"Docker Swarm"}}},{"node":{"fields":{"slug":"/troubleshooting/environment","title":"Environment"}}},{"node":{"fields":{"slug":"/troubleshooting/operational","title":"Operational"}}},{"node":{"fields":{"slug":"/troubleshooting/rpm","title":"RPM"}}},{"node":{"fields":{"slug":"/whatsnew/10-v4218","title":"New in v4.2.1.8"}}},{"node":{"fields":{"slug":"/whatsnew/1-v420","title":"New in v4.2.0.0"}}},{"node":{"fields":{"slug":"/whatsnew/12-v42110","title":"New in v4.2.1.10"}}},{"node":{"fields":{"slug":"/whatsnew/11-v4219","title":"New in v4.2.1.9"}}},{"node":{"fields":{"slug":"/whatsnew/16-v42115","title":"New in v4.2.1.15"}}},{"node":{"fields":{"slug":"/troubleshooting/v3_update","title":"Update from V3.X to V4.X"}}},{"node":{"fields":{"slug":"/whatsnew/15-v42113","title":"New in v4.2.1.13"}}},{"node":{"fields":{"slug":"/whatsnew/16-v422","title":"New in v4.2.2"}}},{"node":{"fields":{"slug":"/whatsnew/17-v2026.1.1","title":"New in v2026.1.1"}}},{"node":{"fields":{"slug":"/whatsnew/18-v2026.2.1","title":"New in v2026.2.1"}}},{"node":{"fields":{"slug":"/whatsnew/18-v2026.3.1","title":"New in v2026.3.1"}}},{"node":{"fields":{"slug":"/whatsnew/19-v2026.3.2","title":"New in v2026.3.2"}}},{"node":{"fields":{"slug":"/whatsnew/20-v2026.4.1","title":"New in v2026.4.1"}}},{"node":{"fields":{"slug":"/whatsnew/21-v2026.4.2","title":"New in v2026.4.2"}}},{"node":{"fields":{"slug":"/whatsnew/7-v4215","title":"New in v4.2.1.5"}}},{"node":{"fields":{"slug":"/whatsnew/8-v4216","title":"New in v4.2.1.6"}}},{"node":{"fields":{"slug":"/whatsnew/13-v42111","title":"New in v4.2.1.11"}}},{"node":{"fields":{"slug":"/whatsnew/22-v2026.5.1","title":"New in v2026.5.1"}}},{"node":{"fields":{"slug":"/connectorconfig/salesforce","title":"Salesforce.com connector"}}},{"node":{"fields":{"slug":"/admin/17-services-manual-passwd-change","title":"Manual password update for OpenIAM services in RPM"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/10-bulkoperations","title":"Bulk operations"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/1-createuser","title":"Creating a user"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/11-bulkentitlements","title":"Bulk operations with entitlements"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/12-externaldelegation","title":"Organization level delegation"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/13-unlock-account","title":"Unlocking an account"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/14-add-remove-entitlements","title":"Adding/Removing entitlements"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/16-user-conversion","title":"User conversion"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/18-creating-new-dept-division","title":"Creating a new department or division"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/17-newhireworkflow","title":"New hire workflow configuration"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/2-usertypes","title":"Custom user types"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/15-rehireuserflow","title":"Rehire user flow"}}},{"node":{"fields":{"slug":"/whatsnew/14-v42112","title":"New in v4.2.1.12"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/6-relatedAccount","title":"Related accounts"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/5-finduser","title":"User search"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/8-serviceaccounts","title":"Service accounts"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/9-orphanmanagement","title":"Orphan management"}}},{"node":{"fields":{"slug":"/whatsnew/9-v4217","title":"New in v4.2.1.7"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/7-customfields","title":"Custom fields"}}},{"node":{"fields":{"slug":"/admin/10-password/1-pswd-compromised","title":"Password breach detection"}}},{"node":{"fields":{"slug":"/admin/12-administration/3-squence-generator","title":"Sequence generators"}}},{"node":{"fields":{"slug":"/admin/12-administration/5-links","title":"External links on login page"}}},{"node":{"fields":{"slug":"/admin/12-administration/6-languages","title":"Managing languages"}}},{"node":{"fields":{"slug":"/admin/12-administration/7-reconciliationhistory","title":"Reconciliation history"}}},{"node":{"fields":{"slug":"/admin/12-administration/8-aboutopenIAM-page","title":"About OpenIAM Page"}}},{"node":{"fields":{"slug":"/admin/12-administration/99-heartbeat","title":"Heartbeat links"}}},{"node":{"fields":{"slug":"/admin/12-administration/9-reindex_elasticsearch","title":"Reindex Opensearch"}}},{"node":{"fields":{"slug":"/admin/15-audit/2-audit-log-export-connector","title":"Audit log export connector"}}},{"node":{"fields":{"slug":"/admin/15-audit/1-audit-events-interpret","title":"Audit events interpretation"}}},{"node":{"fields":{"slug":"/admin/2-authentication/1-auth-overview","title":"Configuring authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/10-fidologin","title":"FIDO-2 authentication"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/3-adminoperations","title":"Administrative actions on a User"}}},{"node":{"fields":{"slug":"/admin/2-authentication/11-credentialprovider","title":"Credential provider"}}},{"node":{"fields":{"slug":"/admin/2-authentication/14-duo-auth","title":"Duo authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/13-criiptoauth","title":"Criipto authentication"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/4-pageconfiguration","title":"Configuring page templates"}}},{"node":{"fields":{"slug":"/admin/2-authentication/16-external-multiselect-auth","title":"External/multiselect authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/15-modernauth","title":"Microsoft Modern authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/2-auth-policy","title":"Authentication policy"}}},{"node":{"fields":{"slug":"/admin/2-authentication/21-dashboards","title":"Monitoring dashboards"}}},{"node":{"fields":{"slug":"/admin/2-authentication/2-delegatedauth","title":"Managed System authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/3-passwordauth","title":"Password-based authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/7-otp","title":"OTP over SMS or E-mail"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social","title":"Social authentication"}}},{"node":{"fields":{"slug":"/admin/3-authz/1-overview","title":"Introduction to access control"}}},{"node":{"fields":{"slug":"/admin/2-authentication/9-adaptiveauth","title":"Adaptive authentication"}}},{"node":{"fields":{"slug":"/admin/3-authz/10-accessright","title":"Access rights"}}},{"node":{"fields":{"slug":"/admin/3-authz/11-contentprovider","title":"Content provider"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus","title":"Menus"}}},{"node":{"fields":{"slug":"/admin/3-authz/3-conflict-groups","title":"Conflict Groups"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles","title":"Managing roles"}}},{"node":{"fields":{"slug":"/admin/3-authz/3-groups","title":"Managing groups"}}},{"node":{"fields":{"slug":"/admin/3-authz/4-types","title":"Metadata types"}}},{"node":{"fields":{"slug":"/admin/3-authz/5-resources","title":"Managing resources"}}},{"node":{"fields":{"slug":"/admin/3-authz/8-accesstossoapps","title":"Access to SSO applications"}}},{"node":{"fields":{"slug":"/admin/2-authentication/12-account-unlock","title":"Setting up account unlock"}}},{"node":{"fields":{"slug":"/admin/4-app-onboarding/1-Automated-applications","title":"Connected applications"}}},{"node":{"fields":{"slug":"/admin/4-app-onboarding/2-Manual-applications","title":"Manual applications"}}},{"node":{"fields":{"slug":"/admin/2-authentication/12-certificateauth","title":"Configuring certificate-based authentication"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/10-managedsystemsimulation","title":"Managed system simulation mode"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/12-LDAP-managedsys-config","title":"LDAP Managed system configuration"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/11-provisioning-config","title":"Configure Provisioning"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/2-incrementalsynch","title":"Incremental synchronization"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/1-synch","title":"Configuring synchronization"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/3-recon","title":"Configure reconciliation"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/4-birthright","title":"Birthright access"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/6-managedsystem-config","title":"Managed system configuration"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/5-recon-groovy","title":"Groovy Scripts for Reconciliation"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/9-importorganization","title":"Import Organizations"}}},{"node":{"fields":{"slug":"/admin/3-authz/9-approvalflow","title":"Configuring approval workflows"}}},{"node":{"fields":{"slug":"/admin/3-authz/6-organization","title":"Managing organizations"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/8-importentitlements","title":"Import entitlements"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/2-approval-flow","title":"Approval flow"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/4-post-request","title":"After request has been approved"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/5-approve-by-email","title":"Approving requests via Email"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/3-manualTasks","title":"Manual tasks"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/1-entitlmentcert","title":"Entitlement based certification"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/7-questionnaire","title":"Questionnaire"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/10-mitigation-controls","title":"Mitigation controls for SoD"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/2-risk-event-driven-cert","title":"Risk event driven certification"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/2-risk-factor-config","title":"Risk factors configuration"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/2-usercert","title":"User based review"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/3-certification-reporting","title":"Certification reporting"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/5-delete-campaign","title":"Deleting an access certification campaign"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/4-membership-tags","title":"Membership tags"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/6-campaign-database","title":"Access certification campaigns as database objects"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/1-application-category","title":"Application categories"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/8-multiple-reviwer-campaigns","title":"Multi-reviewer user access review campaigns"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/9-segregation-of-duties","title":"Segregation of Duties (SoD) policies"}}},{"node":{"fields":{"slug":"/admin/8-sso/1-saml","title":"Add SAML SP to OpenIAM"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/7-expiration-policy","title":"Expiration policy"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/1-formfill","title":"Form Fill"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/2-headerinj","title":"Header Injection"}}},{"node":{"fields":{"slug":"/admin/8-sso/5-auth_scopes","title":"OpenIAM oAuth scopes"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/3-urlrewriting","title":"URL Rewriting"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/6-example","title":"Examples"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/8-kerberos","title":"Setting up Kerberos via rProxy"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/7-rProxy-loadbalancer","title":"Reverse Proxy with Load Balancer"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/9-directive-reference","title":"mod_openiam Directive Reference"}}},{"node":{"fields":{"slug":"/admin/8-sso/2-oauth2","title":"oAuth 2.0"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/10-winlocal","title":"WinLocal OpenIAM connector"}}},{"node":{"fields":{"slug":"/admin/8-sso/3-oidc","title":"OpenID Connect"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/1-powershellconnectorinstallation","title":"Installing PowerShell connectors"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/12-dynamics365FO","title":"Dynamics365 Finance&Operations connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/12-WindowsPasswordFilter","title":"AD Password Filter"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/13-successfactors","title":"SuccessFactors connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/14-psgraph","title":"Microsoft Graph PowerShell connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/15-powershell-generic","title":"Building a custom PowerShell connector for OpenIAM"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management","title":"Mail management"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig","title":"System configuration"}}},{"node":{"fields":{"slug":"/admin/12-administration/4-otpconfig","title":"Configure OTP Provider"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/16-teams","title":"Microsoft Teams connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/3-powershellconnectorupdate","title":"Updating PowerShell connectors"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/5-azuread","title":"Entra ID/O365 connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/7-azuredevops","title":"Azure DevOps connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/8-dynamics365","title":"Dynamics365 connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/9-sqlserver","title":"Microsoft SQL Server connector"}}},{"node":{"fields":{"slug":"/connectorconfig/scriptConnector/connector-request-template","title":"OpenIAM connector request template"}}},{"node":{"fields":{"slug":"/developerguide/1-custom-css/1-customcss","title":"Creating custom CSS"}}},{"node":{"fields":{"slug":"/connectorconfig/scriptConnector/GroovyScriptConnector","title":"Configuring Groovy Script connector"}}},{"node":{"fields":{"slug":"/developerguide/1-custom-css/2-cssexamples","title":"CSS file examples"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/6-exchange","title":"Exchange connector"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman","title":"Getting started with Postman"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/2-powershellconnectorsusage","title":"Using PowerShell connectors"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python","title":"Getting started with Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java","title":"Getting started with Java"}}},{"node":{"fields":{"slug":"/developerguide/4-sheduledtasks/2-access-certification-reminder","title":"Notification reminders for approvers"}}},{"node":{"fields":{"slug":"/developerguide/5-datamodel/1-usermodel","title":"User data model"}}},{"node":{"fields":{"slug":"/developerguide/5-datamodel/2-rbacmodel","title":"Access control model"}}},{"node":{"fields":{"slug":"/developerguide/8-api/approver-association","title":"/webconsole - approver-association"}}},{"node":{"fields":{"slug":"/developerguide/8-api/access-right","title":"/webconsole - access-right"}}},{"node":{"fields":{"slug":"/developerguide/8-api/audit-log","title":"/webconsole - audit-log"}}},{"node":{"fields":{"slug":"/developerguide/8-api/auth-provider","title":"/webconsole - auth-provider"}}},{"node":{"fields":{"slug":"/developerguide/8-api/authentication-grouping","title":"/webconsole - authentication-grouping"}}},{"node":{"fields":{"slug":"/developerguide/8-api/challenge-response","title":"/webconsole - challenge-response"}}},{"node":{"fields":{"slug":"/developerguide/8-api/batch","title":"/webconsole - batch"}}},{"node":{"fields":{"slug":"/developerguide/8-api/connector","title":"/webconsole - connector"}}},{"node":{"fields":{"slug":"/developerguide/8-api/content-provider","title":"/webconsole - content-provider"}}},{"node":{"fields":{"slug":"/developerguide/8-api/email","title":"/webconsole - email"}}},{"node":{"fields":{"slug":"/developerguide/8-api/elastic-search","title":"/webconsole - elastic-search"}}},{"node":{"fields":{"slug":"/developerguide/8-api/field","title":"/webconsole - field"}}},{"node":{"fields":{"slug":"/developerguide/8-api/groovy-manager","title":"/webconsole - groovy-manager"}}},{"node":{"fields":{"slug":"/developerguide/8-api/group","title":"/webconsole - group"}}},{"node":{"fields":{"slug":"/developerguide/8-api/idp-oauth","title":"/idp - idp-oauth"}}},{"node":{"fields":{"slug":"/developerguide/4-sheduledtasks/1-provision-on-date","title":"Provision/Deprovision on date"}}},{"node":{"fields":{"slug":"/developerguide/8-api/managed-system","title":"/webconsole - managed-system"}}},{"node":{"fields":{"slug":"/developerguide/8-api/menu","title":"/webconsole - menu"}}},{"node":{"fields":{"slug":"/developerguide/8-api/metadata","title":"/webconsole - metadata"}}},{"node":{"fields":{"slug":"/whatsnew/20-v2026.3.3","title":"New in 2026.3.3"}}},{"node":{"fields":{"slug":"/developerguide/8-api/oauth","title":"/webconsole - oauth"}}},{"node":{"fields":{"slug":"/developerguide/8-api/it-policy","title":"/webconsole - it-policy"}}},{"node":{"fields":{"slug":"/developerguide/8-api/organization-type","title":"/webconsole - organization-type"}}},{"node":{"fields":{"slug":"/developerguide/8-api/idp-rest","title":"/idp - idp-rest"}}},{"node":{"fields":{"slug":"/developerguide/8-api/page-template","title":"/webconsole - page-template"}}},{"node":{"fields":{"slug":"/developerguide/8-api/organization","title":"/webconsole - organization"}}},{"node":{"fields":{"slug":"/developerguide/8-api/property-value","title":"/webconsole - property-value"}}},{"node":{"fields":{"slug":"/developerguide/8-api/report","title":"/webconsole - report"}}},{"node":{"fields":{"slug":"/developerguide/8-api/policy","title":"/webconsole - policy"}}},{"node":{"fields":{"slug":"/developerguide/8-api/resource-type","title":"/webconsole - resource-type"}}},{"node":{"fields":{"slug":"/developerguide/8-api/resource","title":"/webconsole - resource"}}},{"node":{"fields":{"slug":"/developerguide/8-api/role","title":"/webconsole - role"}}},{"node":{"fields":{"slug":"/developerguide/8-api/sync-config","title":"/webconsole - sync-config"}}},{"node":{"fields":{"slug":"/developerguide/8-api/ui-theme","title":"/webconsole - ui-theme"}}},{"node":{"fields":{"slug":"/developerguide/8-api/sync-rest","title":"/webconsole - sync-rest"}}},{"node":{"fields":{"slug":"/developerguide/8-api/system","title":"/webconsole - system"}}},{"node":{"fields":{"slug":"/developerguide/8-api/uri-pattern","title":"/webconsole - uri-pattern"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/1-autoprov","title":"Automated provisioning Scripts"}}},{"node":{"fields":{"slug":"/developerguide/8-api/user","title":"/webconsole - user"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import","title":"Import from application"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/3-importing_groups","title":"Importing groups from application"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/1-forgotpassword","title":"Forgot password"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/3-changepassword","title":"Updating your password"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/4-outofoffice","title":"Out of office assistant"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/2-updateprofile","title":"Updating user profile"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/4-relations-with-manager","title":"Populating a manager"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/5-forgotusername","title":"Forgot username"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/6-updatesecquestions","title":"Updating security questions"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/1-servicecatalog","title":"Requesting access via catalog"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/10-positionchange","title":"Position change request"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/11-accessprofiles","title":"Access profiles"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/12-bulkupload","title":"Uploading users in bulk"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/5-approverequest","title":"Approving requests"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/2-jobprofile","title":"Requesting access from profile"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/6-requestadministration","title":"Request administration"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/7-requesthistory","title":"Requests history"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/9-newuser","title":"Creating a new user"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/7-useraccess/1-viewmyaccess","title":"View my access"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/8-newgroup","title":"Creating a group request"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/7-useraccess/2-directreports","title":"View direct reports"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/7-useraccess/3-UAR-in-Self-Service","title":"User access review module in SelfService"}}},{"node":{"fields":{"slug":"/getting-started/31-planning-workforce/1-designrole","title":"Designing business roles"}}},{"node":{"fields":{"slug":"/getting-started/31-planning-workforce/2-openiam-access-role","title":"Designing access roles"}}},{"node":{"fields":{"slug":"/getting-started/31-planning-workforce/3-connector-planning","title":"Connector requirements"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/1-connect","title":"Deploying and registering connectors"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements","title":"Importing entitlements"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements","title":"Importing users and their entitlement memberships"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/1-jml","title":"Joiners, movers, leavers processes"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial","title":"Automated provisioning tutorial"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/1-singlenode","title":"Single VM Install"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/10-ha-rpm","title":"High availability (HA) deployment using RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/11-configuration-options","title":"Configuration options in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/2-rproxy","title":"r-Proxy installation in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/12-migrating-onpremises-to-cloud","title":"Migrating OpenIAM from on-premises installation to a cloud-based infrastructure"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/5-ports","title":"Deployment architecture in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/4-backup","title":"RPM backup / recovery"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading","title":"Upgrading OpenIAM in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/7-remoteDB","title":"Installing OpenIAM with a remote database in RPM environment"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/8-ssl","title":"Configuring HTTPS in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-migrating-non-production-to-production-environment","title":"Migrating non-production to production environment in RPM"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/1-https","title":"Configuring HTTPS on Docker"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/9-rabbitssl","title":"Enable TLS for RabbitMQ in RPM"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading","title":"Upgrading OpenIAM in Docker environment"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/4-YAML-files","title":"Docker YAML files"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/5-docker-swarm-backup","title":"Backup / restore in Docker Swarm"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/2-Configuration-options","title":"Configuration options in Docker"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/6-externalDB","title":"Installing OpenIAM with a remote database in Docker"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/1-ssl","title":"Configuring HTTPS in Kubernetes"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/10-backup-and-restoration","title":"Backup and restoration procedure in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/11-common-scenario","title":"Installing OpenIAM in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/12-vault-migration-fromRPM-toK8","title":"Migration of Vault from RPM-based cluster to Kubernetes-based OpenIAM cluster"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/2-deployment-with-terraform","title":"Deploying OpenIAM with Terraform"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/3-depl-without-terraform","title":"Deploying OpenIAM on Kubernetes using Helm"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/4-RabbitMQ-TLS","title":"RabbitMQ TLS directory in Kubernetes"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading","title":"Upgrading OpenIAM in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/7-useal-keys-restoration","title":"Backing up and restoring the vault unseal keys in Kubernetes"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms","title":"Kubernetes Platforms"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/9-remoteDB","title":"Installing OpenIAM with a remote database in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/1-create-cluster","title":"Creating an OpenShift cluster on Azure"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/8-AKS_with_ext_MSSQL","title":"Deploying OpenIAM on AKS (Kubernetes) with an external MSSQL database"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/2-connect-to-cluster","title":"Connect to OpenShift cluster on Azure"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/4-some-descriptions-helm","title":"Memory requirements for OpenShift deployment with Helm"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/5-localhost-dev-cluster","title":"Localhost development cluster"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/6-deploy-from-windows","title":"Deploy OpenIAM to OpenShift cluster with Helm (from Windows)"}}},{"node":{"fields":{"slug":"/installation/8-sizing/2-medium-k8","title":"Medium Enterprise - K8"}}},{"node":{"fields":{"slug":"/installation/8-sizing/1-small-k8","title":"Small Enterprise - K8"}}},{"node":{"fields":{"slug":"/installation/9-data_migration/1-migrating_ES_Docker","title":"Verifying and migrating Elasticsearch data in Docker-based OpenIAM cluster"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/01-log4j","title":"Log4j Vulnerability"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/02-hardening","title":"Securing your installation"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/03-db-switch","title":"Change OpenIAM product database"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/04-compatibility","title":"Compatibility matrix"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/05-postgres-install","title":"Installing PostgreSQL 15"}}},{"node":{"fields":{"slug":"/installation/99-miscellaneous/04-compatibility","title":"Compatibility Matrix"}}},{"node":{"fields":{"slug":"/developerguide/8-api/access-certification","title":"/webconsole - access-certification"}}},{"node":{"fields":{"slug":"/troubleshooting/cluster/1-rabbitmq-reinit","title":"RabbitMQ cluster went out of order"}}},{"node":{"fields":{"slug":"/troubleshooting/cluster/3-Rabbitmq-connection-timeout","title":"RabbitMQ connection timeout issue"}}},{"node":{"fields":{"slug":"/troubleshooting/cluster/2-rabbitmq-UI","title":"RabbitMQ is not reached from UI in RPM installations"}}},{"node":{"fields":{"slug":"/troubleshooting/connectors/sync-vs-async-source","title":"Synchronous vs. asynchronous synchronization source for connectors"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/3-deploy-OpenIAM-helm","title":"Deploy OpenIAM to OpenShift cluster with Helm"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/1-connectorlogs","title":"View container logs"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/2-containersrestart","title":"Containers Restarting"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/3-uninstall","title":"Remove an OpenIAM Docker Install"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/4-troubleshooting-steps","title":"Troubleshooting steps in a container-based cluster"}}},{"node":{"fields":{"slug":"/troubleshooting/environment/memoryutili","title":"Check memory utilization"}}},{"node":{"fields":{"slug":"/troubleshooting/environment/redismemory","title":"Redis memory utilization"}}},{"node":{"fields":{"slug":"/troubleshooting/environment/disableswap","title":"Disable swap"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/JDBC-connection-pool","title":"Increasing the JDBC connection pool size"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/5-log-checking-guide","title":"Docker log checking guide"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/access-after-migration","title":"Access problem after migrating OpenIAM"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/access-forbidden","title":"Access Forbidden error"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/activationlink","title":"Error when sending activation link"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/audit-doc-timestamp","title":"Audit document timestamp issue"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/auth-manager","title":"Backend exception error when running authentication manager"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/database-reset","title":"Database reset"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/debug-logs-CassandraJanusGraph","title":"Enabling and disabling debug logs for Cassandra and JanusGraph"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/elasticsearch-readonly-state","title":"Elasticsearch read-only state"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/flyway_version","title":"Flyway version issue"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/increasing-RAM","title":"Increasing memory for OpenIAM services"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/lackof_disk_space","title":"Running out of disk space"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/modifly_system_labels_and_messages","title":"Changing system labels and messages"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/my-application-page-selfservice","title":"Changing refresh time for My Applications page in SelfService"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/overriding-app-properties","title":"Overriding UI application properties"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/pad-block-corrupted","title":"PAD Block Corrupted"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/remove-navigation-bar","title":"Removing menu items from top navigation bar"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/report-generation-issue","title":"Error during report generating in RPM installations"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/resetting_passwords","title":"Resetting passwords"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/run_flyway_repair_mode","title":"Run Flyway in repair mode"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/unlocksysadmin","title":"Unlock sysadmin"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/username_in_selfservice","title":"Username not shown in SelfService"}}},{"node":{"fields":{"slug":"/troubleshooting/rpm/failed-dependencies","title":"Failed dependencies"}}},{"node":{"fields":{"slug":"/troubleshooting/rpm/trobleshooting_guide","title":"Troubleshooting guide for RPM"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/4-pageconfiguration/1-userpage","title":"Configuring user page templates"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/4-pageconfiguration/2-customuserpage","title":"Creating more custom user edit pages"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/4-pageconfiguration/4-customtemplates","title":"Custom form templates"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/1-system","title":"System tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/2-regex-validation","title":"Validation regular expressions"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/3-UI","title":"UI tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/5-organization-tab","title":"Organization tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/9-health-checks","title":"Configuring health checks for managed systems"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/4-workflow","title":"Workflow tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/7-authentication","title":"Authentication tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/8-auditeventstosyslog","title":"Exporting audit events to syslogs"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/1-emailtemplates","title":"Email templates"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/6-password","title":"Password tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/2-smtpconfig","title":"Mailbox Configuration"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/3-multilanguagemail","title":"Multilanguage emails"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/4-mail-via-azure","title":"Mailbox configuration via Azure application"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/5-alert-notifications","title":"Configuring alert notifications"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/6-email-template-variables","title":"Email template variables reference"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social/1-googlesociallogin","title":"Google Social Login"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social/2-facebooksociallogin","title":"Facebook Social Login"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social/3-linkedinsociallogin","title":"LinkedIn Social Login"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social/4-appleidsociallogin","title":"AppleID Social Login"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus/1-enduseraccess","title":"End-user access roles"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus/2-adminaccess","title":"Admin access role"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus/3-FAQ","title":"FAQs about menus and their use"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus/4-Config-Lhand-menu-SS-MyInfo","title":"Configurable left-hand menu in SelfService 'My Info' page"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles/2-createrole","title":"Create role"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles/1-role-types","title":"Types of roles existing in OpenIAM"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles/3-findrole","title":"Finding an existing role"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles/5-importingroles","title":"Importing roles"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/11-provisioning-config/1-prepost-processor","title":"Pre/PostProcessor"}}},{"node":{"fields":{"slug":"/admin/8-sso/1-saml/1-jit-provisioning","title":"Just-in-time Provisioning"}}},{"node":{"fields":{"slug":"/admin/3-authz/3-groups/1-create-group","title":"Creating a group"}}},{"node":{"fields":{"slug":"/admin/4-app-onboarding/2-Manual-applications/1-reg-applications","title":"Register applications"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/2-postmanconfig","title":"Create Postman collection"}}},{"node":{"fields":{"slug":"/admin/8-sso/2-oauth2/1-Auth-code-grand","title":"Authorization code grant type"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/3-add-request","title":"Define an API request in Postman"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/10-winlocal/2-winlocalv5","title":"Version 5"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/10-winlocal/1-winlocalv4","title":"Version 4"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/1-createauthprovider","title":"Create OpenIAM Provider for Postman"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/4-JWT-tokens","title":"Getting started with JWT tokens in Postman"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/5-postman-links","title":"Postman API documentation links"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/1-createauthprovider","title":"Create OpenIAM oAuth provider in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/6-example","title":"Client credentials flow with a defined scope in Postman"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/2-grantinguathz","title":"Granting authorization to the API with Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/4-enabling-disabling-user","title":"Enabling/Disabling a user with API calls examples in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/3-api-call-examples","title":"API calls examples in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/5-object-oriented-impl-example","title":"Object oriented implementation for REST API in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/6-OTP-verification","title":"OTP Verification in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/3-creating-searching-users","title":"Creating and searching a user with API call in Java"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/4-calls-examples","title":"API calls examples in Java"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/5-enabling-disabling-users","title":"Enabling/Disabling a user with API calls examples in Java"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/3-azuread","title":"Entra ID"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/1-autoprov/1-newhires","title":"New hires"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/6-importroles","title":"Import Roles"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/1-createauthprovider","title":"Create OpenIAM Provider"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/2-grantauthz","title":"Granting authorization to the API with Java"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/1-connect/2-rpm","title":"Connectors via RPM"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/1-connect/3-docker","title":" Connectors via Docker"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/1-configuring-synch","title":"Configuring synchronization for importing entitlements"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/1-connect/4-k8","title":" Connectors via Kubernetes"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/2-transformationscripts","title":"Transformation scripts"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/3-troubleshooting","title":"Troubleshooting"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/2-policymap","title":"Policy map"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/3-creatingrole","title":"Creating role"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/1-config-synch","title":"Configuring synchronization for importing users and their entitlement memberships"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/3-common-questions","title":"Common questions"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/4-birthright","title":"New hire"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/1-provisioningCSV","title":"Creating a synchronization configuration for the source"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/6-termination","title":"Terminations"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/5-transfer","title":"Transfer"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/5-ports/1-one-node","title":"Single node deployment"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/2-transformationscripts","title":"Transformation scripts"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/1-singlenode/3-nonroot-partition","title":"Installing OpenIAM on a non-root partition"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/5-ports/2-three-node","title":"Three node cluster"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/1-singlenode/1-rpm-with-internet","title":"Installation with Internet access"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/10-upgrading-2026-4-2","title":"Upgrading OpenIAM to v.2026.4.2 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/10-upgrading-2026-5-1","title":"Upgrading OpenIAM to v.2026.5.1 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/1-databasemigration","title":"Database migration from version 3.X to 4.X"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/3-upgradingto-42111","title":"Upgrading from versions 4.2.1.9-4.2.1.10 to version 4.2.1.11 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/1-singlenode/2-rpm-no-internet","title":"Installation without Internet access"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/2-upgradingto-42110","title":"Upgrading from version 4.2.1.5-4.2-4.2.1.8 to version 4.2.1.10 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/4-migrating-index-data","title":"Migration of index data from older ElasticSearch versions to newer one"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/4-upgradingto-42112","title":"Upgrading from versions 4.2.1.x to version 4.2.1.12 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/5-infrastructure_upgrade","title":"Infrastructure upgrade"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/7-upgradingto-422","title":"Upgrading OpenIAM from versions 4.2.1.x to 4.2.2 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/6-infra-upgrade-42113","title":"Infrastructure upgrade in v4.2.1.13"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/8-upgrading-2026-3-1","title":"Upgrading OpenIAM to v.2026.3.1 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/8-upgrading-2026-3-2","title":"Upgrading OpenIAM to v.2026.3.2 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/9-422-changes","title":"Known issues related to upgrading from 4.2.1.x to 2026.4.1 version"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/8-upgrading-2026-2-1","title":"Upgrading OpenIAM to v.2026.2.1 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/7-remoteDB/1-oracle","title":"Installing OpenIAM with a remote Oracle database in RPM environment"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/7-remoteDB/2-postgres","title":"Installing OpenIAM with a remote Postgres database in RPM environment"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/5-upgradingto-42115","title":"Upgrading from versions 4.2.1.x to version 4.2.1.15 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/7-remoteDB/3-MSSQL","title":"Installing OpenIAM with a remote MSSQL database in RPM environment"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading/1-upgrade-4219","title":"Upgrade from version 4.2.1.5-4.2.1.8 to version 4.2.1.10 in Docker"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading/2-upgrade-42110","title":"Upgrade from version 4.2.1.9 to version 4.2.1.10 in Docker"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading/3-upgrade-42111","title":"Upgrade from version 4.2.1.10 to version 4.2.1.11 in Docker"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading/4-upgrade-42115","title":"Upgrade from version 4.2.1.x to version 4.2.1.15 in Docker"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/3-upgrade-42113k8-rabbitmq","title":"Upgrading from version below 4.2.1.8 to version 4.2.1.13 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/4-upgrade-42115k8","title":"Upgrading from versions 4.2.1.x to version 4.2.1.15 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/6-upgrade-422k8","title":"Upgrading from version 4.2.1.x to version 4.2.2 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/5-upgrade-42112k8","title":"Upgrading from version 4.2.1.x to version 4.2.1.12 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms/1-gce","title":"GCE Kubernetes guide"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms/2-aws","title":"AWS Kubernetes guide"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms/3-helm","title":"Private Kubernetes Cluster using Helm"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms/4-azure","title":"Azure Kubernetes Guide"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/ldap/3-ldapattributeslists","title":"LDAP Attribute list for User Synchronization"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/ldap/1-ldapvalidation","title":"Synchronization Validation Script"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/ldap/2-ldapsynchusers","title":"LDAP User Synchronization Script"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/2-transformationscripts/1-ADgroup-transformation","title":"Sample transformation script for AD groups"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/2-transformationscripts/2-csv-transformation","title":"Sample transformation script for a CSV file"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/2-transformationscripts/4-csv-users-entitlements","title":"Sample transformation script for a CSV file"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/2-transformationscripts/3-ADtransformation-usergroup","title":"Sample transformation script for AD users and group memberships"}}},{"node":{"fields":{"slug":"/changelog/21-Release-4.2.2","title":"Release 4.2.2"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/4-adpowershell","title":"Active Directory PowerShell connector"}}},{"node":{"fields":{"slug":"/appendix/5-message_en_file","title":"Message properties"}}}]}},"pageContext":{"id":"0d42cf29-f18b-596d-b243-4a758d635b8b"}}, "staticQueryHashes": ["2619113677","3706406642","417421954"]}