35.2.1 Creating an Identity Domain
An Identity Domain corresponds to the notion of a tenant. All clients and resource servers are created under an Identity Domain.
The parameters of the curl command to create an identity domain are:
- identityProvider: UserIdentityStore to perform the authentication against (Password Grant Flows). If not specified, this defaults to the DefaultIdentityStore, "UserIdentityStore1".
- errorPageURL: Custom error page to be used in the case of 3-legged flows. If not specified, it defaults to the OAM server's error page.
- consentPageURL: Custom consent page to be used in the case of 3-legged flows. If not specified, the custom consent page shipped with OAM is used.
- tokenSettings: Token defaults are maintained at the IdentityDomain level. If tokenSettings is not specified, the default values for the ACCESS_TOKEN and others are used.
Note: If RefreshToken needs to be generated along with AccessToken, refreshTokenEnabled=true must be set under ACCESS_TOKEN settings.
Endpoint for CRUD operations:
http://<AdminServerHost:Port>/oam/services/rest/ssa/api/v1/oauthpolicyadmin/oauthidentitydomain
Note: Use Content-Type:application/json in the REST API HTTP request.
There are 2 ways to create the Identity Domain:
- Simple: In this mode, just the name and description of the IdentityDomain to be created are used. The rest of the values are defaulted.
- Detailed: In this mode, you can give specific values to the different parameters.
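As an added example (not part of the Oracle documentation), the shell functions below build the request body for the Simple and Detailed modes and POST it to the endpoint above with curl. The host name, the domain values in the usage comment, the OAM_ADMIN and OAM_ADMIN_USER variables, the use of HTTP Basic authentication, and the tokenType key and array shape of tokenSettings are assumptions to check against your OAM version.

```shell
#!/bin/sh
# Added example, not Oracle's own code. adminhost.example.com:7001 is a placeholder.
OAM_ADMIN="${OAM_ADMIN:-http://adminhost.example.com:7001}"
ENDPOINT="$OAM_ADMIN/oam/services/rest/ssa/api/v1/oauthpolicyadmin/oauthidentitydomain"

# Escape backslashes and double quotes so a value cannot break out of its JSON string.
json_escape() {
  printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'
}

# Simple mode: only name and description; the server defaults everything else.
simple_payload() {
  printf '{"name":"%s","description":"%s"}' "$(json_escape "$1")" "$(json_escape "$2")"
}

# Detailed mode: name, description, identityProvider, and refreshTokenEnabled
# under the ACCESS_TOKEN settings (tokenType key and array shape are assumptions).
detailed_payload() {
  case "$4" in
    true|false) ;;
    *) echo "refreshTokenEnabled must be true or false" >&2; return 1 ;;
  esac
  printf '{"name":"%s","description":"%s","identityProvider":"%s",' \
    "$(json_escape "$1")" "$(json_escape "$2")" "$(json_escape "$3")"
  printf '"tokenSettings":[{"tokenType":"ACCESS_TOKEN","refreshTokenEnabled":%s}]}' "$4"
}

# POST a payload. Passing -u with only a user name makes curl prompt for the
# password, keeping it out of shell history and the process list.
create_domain() {
  curl --fail --silent --show-error -X POST "$ENDPOINT" \
    -u "${OAM_ADMIN_USER:?set OAM_ADMIN_USER}" \
    -H 'Content-Type: application/json' --data "$1"
}

# Usage (not executed here; values are constructed):
#   create_domain "$(simple_payload DemoDomain 'Demo tenant')"
#   create_domain "$(detailed_payload DemoDomain 'Demo tenant' UserIdentityStore1 true)"
```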