1. Administering Oracle Advanced Authentication and Oracle Adaptive Risk Management
  2. Installing Oracle Advanced Authentication, Oracle Adaptive Risk Management, and Oracle Universal Authenticator
  3. Procedure for Installing OAA, OARM, and OUA
  4. Post Installation Steps
  5. Post-Installation Steps for NodePort

4.8.4 Post-Installation Steps for NodePort

For all installation types, if you are using nodeport as oppose to ingress, you must update the OAuth client with the relevant redirect URLs. Perform the following steps:

  1. Find the URLs for the spui, oaa-admin-ui, and fido pods as described in Printing Deployment Details, for example:
    AdminUrl=https://worker1.example.com:32701/oaa-admin
SpuiUrl=https://worker1.example.com:32721/oaa/rui
Fido=https://worker1.example.com:30414/fido

    Note:

    For OARM only installation, you only need to find the URL for the oaa-admin-ui pod.
  2. Encode the OAM administrator user and its password by using the command:
    echo -n <username>:<password> | base64
    For example: 
    echo -n weblogic:<password> | base64
    This value should be used for <ENCODED_OAMADMIN> in the examples below.
  3. For OAA, OAA-OARM, and OAA-OARM-OUA installations, update the OAuth Client using REST APIs as follows:
    curl --location --request PUT 'http://<OAuth_Host>:<OAuth_Port>/oam/services/rest/ssa/api/v1/oauthpolicyadmin/client?name=OAAClient' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic <ENCODED_OAMADMIN>' \
--data '{
    "id": "OAAClient",
    "clientType": "PUBLIC_CLIENT",
    "idDomain": "OAADomain",
    "name": "OAAClient",
    "redirectURIs": [
        {
            "url": "https://worker1.example.com:32701/oaa/rui",
            "isHttps": true
        },
        {
            "url": "https://worker1.example.com:32701/oaa/rui/oidc/redirect",
            "isHttps": true
        },
        {
            "url": "https://worker1.example.com:32721/oaa-admin",
            "isHttps": true
        },
        {
            "url": "https://worker1.example.com:32721/oaa-admin/oidc/redirect",
            "isHttps": true
        },
        {
            "url": "https://worker1.example.com:30414/fido",
            "isHttps": true
        },
        {
            "url": "https://worker1.example.com:30414/fido/oidc/redirect",
            "isHttps": true
        }
    ]
}'

    Note: For details about the REST API see, REST API for OAuth in Oracle Access Manager

    For OARM only installations, update the OAuth Client as follows:
    curl --location --request PUT 'http://<OAuth_Host>:<OAuth_Port>/oam/services/rest/ssa/api/v1/oauthpolicyadmin/client?name=OAAClient' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic <ENCODED_OAMADMIN>' \
--data '{
    "id": "OAAClient",
    "clientType": "PUBLIC_CLIENT",
    "idDomain": "OAADomain",
    "name": "OAAClient",
    "redirectURIs": [
      {
            "url": "https://worker1.example.com:32721/oaa-admin",
            "isHttps": true
        },
        {
            "url": "https://worker1.example.com:32721/oaa-admin/oidc/redirect",
            "isHttps": true
        }
    ]
}'