PSD2 CONFIGURATIONS GUIDE
This document includes the following topics:
IDCS CONFIGURATIONS
Registering OBDX as an Admin application in IDCS
- Click add in the application tab to register OBDX Admin application.
- Select trusted application.
- Add “name” and “description”.
- Check ‘Client Credentials’ option as the ‘Allowed Grant Type’. Check ‘Introspect’ as ‘Allowed Operations’.
- Add Admin Privileges for OBDX Client Configuration.
- Application added. The Client-Id and Client-Secret are needed to configure the OBDX Admin application in OBDX and WLS (see Enabling PSD2 on OBDX entity and Set up IDCS asserter).
Setting up login page
- Set the Login URL to ‘/ui/v1/signin’ if it is set to something else. ‘/ui/v1/signin’ is the default login page provided by IDCS.
- Page to set session token timeout and custom login URL.
APICS CONFIGURATIONS
- Login to APICS
- Create API
- API Implementation
- Edit Policy
- View API Summarizing
OBDX CONFIGURATIONS
WebLogic Configurations
Patch WLS12.2.1.2
- WLS 12.2.1.2.0 (PS2 PSU) Obtain and install the WLS 12.2.1.2.0 kit from OTN:
Download the 12.2.1.2.171017 Patch Set Update (PSU) for WebLogic Server 12.2.1.2 from https://support.oracle.com/epmos/faces/PatchDetail?patchId=26485996
Apply the PSU patch following the instructions contained in the README.txt in the p26485996_122120_Generic.zip patch file.
Set up IDCS asserter
- Login to WLS console using admin credentials.
- Navigate to Security Realms > myrealm > Providers
- Click on New
- Name the asserter. Select ‘OracleIdentityCloudIntegrator’ as the provider type
- Click ‘OK’
- Click on ‘IDCSAsserter’
- Choose ‘Authorization’ property as Active Type
- Click on Provider Specific and configure the IDCSAsserter properties. Provide the Client Id and Client Secret of the OBDX Admin Application, created in Step 4.1.a, in the fields Client Id, Client Secret and Confirm Credentials. Fill in the other marked properties as per the IDCS host.
- Restart the OBDX Managed as well as Admin Server.
Configuring TLS for IDCS.
- Download Certificate from IDCS Host. Add the certificate to a custom keystore and add it to the WebLogic server.
- Add the following property in WLS managed server start configuration.
-Dweblogic.security.SSL.hostnameVerifier=weblogic.security.utils.SSLWLSWildcardHostnameVerifier
- Restart OBDX Managed as well as Admin Server.
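One way to script the certificate step above, as an added example that is not part of the original guide: it fetches the certificate the IDCS host presents, refuses to import it unless its SHA-256 fingerprint matches a value obtained out of band, then imports it into a custom keystore with keytool. The environment variable names (IDCS_HOST, EXPECTED_SHA256, KEYSTORE, CERT_ALIAS, KEYSTORE_PASS), the alias and the keystore file name are assumptions.

```shell
#!/bin/sh
# Added example. Host, alias, keystore path and env variable names are assumptions.

# Keep only the first PEM certificate (the server's own) from s_client output.
extract_leaf_pem() {
    awk '/-----BEGIN CERTIFICATE-----/ { on = 1 }
         on { print }
         /-----END CERTIFICATE-----/ { if (on) exit }'
}

# Fetch the certificate the IDCS host presents on port 443 (needs network access).
fetch_idcs_cert() {   # $1 = IDCS host name, $2 = output PEM file
    openssl s_client -connect "$1:443" -servername "$1" </dev/null 2>/dev/null \
        | extract_leaf_pem > "$2"
    [ -s "$2" ]
}

# SHA-256 fingerprint of a PEM certificate, as colon-separated hex.
cert_sha256() { openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2; }

# Compare fingerprints ignoring case, colons and spaces; an empty expectation fails.
normalize_fp() { printf '%s' "$1" | tr -d ': \n' | tr 'a-f' 'A-F'; }
fingerprint_matches() {   # $1 = actual, $2 = expected (obtained out of band)
    [ -n "$2" ] && [ "$(normalize_fp "$1")" = "$(normalize_fp "$2")" ]
}

# Import the verified certificate into the custom trust keystore.
# keytool reads the password from the exported KEYSTORE_PASS variable,
# so it does not appear on the command line.
import_cert() {   # $1 = PEM file, $2 = keystore file, $3 = alias
    keytool -importcert -noprompt -alias "$3" -file "$1" \
        -keystore "$2" -storepass:env KEYSTORE_PASS
}

# Runs only when IDCS_HOST is set, so the functions can be sourced on their own.
if [ -n "${IDCS_HOST:-}" ]; then
    pem="${TMPDIR:-/tmp}/idcs-host.pem"
    fetch_idcs_cert "$IDCS_HOST" "$pem" || { echo "no certificate received" >&2; exit 1; }
    actual=$(cert_sha256 "$pem")
    fingerprint_matches "$actual" "${EXPECTED_SHA256:-}" \
        || { echo "fingerprint mismatch: $actual" >&2; exit 1; }
    import_cert "$pem" "${KEYSTORE:-idcs-trust.jks}" "${CERT_ALIAS:-idcs-host}"
fi
```

The resulting keystore still has to be added to the WebLogic server as described in the step above.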
Enable Headless Mode
- Add the following property to enable Headless mode
-Dobdx.headless.mode.enabled=true
- Restart OBDX Managed Server
OBDX Configurations
Enabling PSD2 on OBDX entity
- Add IDCS Host details in Day-1 Configurations for that entity – (in Other Modules section)
- In Configurations, navigate to Base Configurations. Search Category: ‘extxfaceadapterconfig’
- Search for the entity to enable IDCS adapters
- View the existing property for editing the same.
- Edit the property. Add the appropriate IDCS adapter: ‘idcs1736’ for OBDX 18.1.
- Restart OBDX Managed Server