4.8.2 Post Installation Steps for Installs Containing OARM
Follow these post installation steps for installations that contain OARM. This includes OAA-OARM, OARM only, and OAA-OARM-OUA installation types.
Set oaa.browser.cookie.domain and oaa.risk.integration.postauth.cp
The property oaa.browser.cookie.domain
must be set to the OAA
host domain in order to collect the device cookie. For example, if the OAA is accessible on
https://oaa.example.com
, then set the value to
oaa.example.com
.
Note:
oaa.browser.cookie.domain
is not required in OARM only
installations.
The property oaa.risk.integration.postauth.cp
must be set to
postauth
to invoke risk rules for usecases such as Risky IP,
Geo-velocity, and Geo-location.
- Set the properties as follows:
Use the
<PolicyUrl>/policy/config/property/v1
REST API to set the properties. For example:curl --location -g --request PUT '<PolicyUrl>/policy/config/property/v1' \ --header 'Content-Type: application/json' \ --header 'Authorization: Basic <Base64Encoded(<username>:<password>)>' \ --data '[ { "name": "oaa.browser.cookie.domain", "value": "<host.domain>" }, { "name": "oaa.risk.integration.postauth.cp", "value": "postauth" } ]'
Note:
In this case remove/oaa-policy
from the<PolicyUrl>
, for example usehttps://<host>:<port>/policy/config/property/v1
nothttps://<host>:<port>/oaa-policy/policy/config/property/v1
For details about finding the
PolicyUrl
and authenticating, see OAA Admin API.For details about the Configuration Properties REST Endpoint, see Configuration Properties REST Endpoints.