Backup and Restore Configurations
This tab provides an option to download or upload the OAuth SSO’s plugin configurations for this application instance. This is very useful as it helps to:
-
Transfer configuration file: If the user is moving from Test instance to Production instance, there is no need for re-configuring plugin again on the production instance as you have already configured for your use case and tested the plugin. Also, in case you want to move your settings from one instance to another, this feature can help. Please drop us a query at info@xecurify.com if you want to transfer configuration to a different version.
-
Troubleshoot: If the user gets issues while configuring, the configuration file can be sent anytime to the support team for debugging and fixing.
-
Backup: Users can take backups of the configurations for future use for safer side.
This tab has the following options:
Export App Configuration
Using this feature all the plugin configurations can be downloaded in a JSON file. For this option to work at least one OAuth/OpenID Provider must be configured otherwise, the link to download the settings will not work. As the configurations are sorted according to the tabs in the configuration file, it is easy for admin to interpret and update the file if needed.
Import App Configuration
This option provides a way to restore the plugin configuration from a file. The configuration file is a file downloaded from the previously explained export feature. First, you have to select the file to import and then click the import button. If the configuration file is in the correct format, all the application settings will be updated accordingly. But if there is an issue with the configuration file, the application settings will not be modified and an error will be shown indicating the possible cause. You can refer to the sample app configuration given in the plugin or you can also use the exported file as the sample.
Import/Export App Configuration via REST API.
Admins can also be import/export app configuration by using REST API. Details for the REST Call’s are given below.
A. Download/Fetch App configuration.
- URL : <application_base_URL>/plugins/servlet/oauth/configureplugin
- Method : GET
- Request Parameters :
- Headers :-
- Content-Type : application/json
- Authorization : Basic Authentication
- Headers :-
You will get configuration in form of JSON raw data in response.
B. Update App configuration
- URL : <application_base_URL>/plugins/servlet/oauth/configureplugin
- Method : POST
- Request Parameters:
- Headers :-
- Content-Type : application/json
- Authorization : Basic Authentication
- Headers :-
- Body :-
- The body content type should be in Raw format(application/json)
Example of Raw format data to be send/receive in body
{
{
“PLUGIN_NAME”: “OAuth/OpenID Connect (OIDC) for Jira SSO”,
“PLUGIN_VERSION”: “1.2.4”,
“Identity Providers”: [
{
“ID”: “304ec56e-3931-4392-b109-33a0dcfe51cd”,
“Name”: “Custom OpenID”,
“Application Configuration”: {
“IDP_ID”: “304ec56e-3931-4392-b109-33a0dcfe51cd”,
“DEFAULT_APP_NAME”: “Custom OpenID”,
“CUSTOM_APP_NAME”: “Custom OpenID”,
“CLIENT_ID”: “”,
“CLIENT_SECRET”: “”,
“SINGLE_LOGOUT_URL”: “”,
“SCOPE”: “openid email profile”,
“USE_STATE_PARAMETER”: true,
“PUBLIC_KEY”: “”,
“ENABLE_CHECK_ISSUER_FOR”: false,
“CHECK_ISSUER_FOR”: “Default”,
“CUSTOM_ISSUER_VALUE”: “”,
“AUTHORIZE_END_POINT”: “https://login.xecurify.com/moas/idp/openidsso”,
“ACCESSTOKEN_END_POINT”: “https://login.xecurify.com/moas/rest/oauth/token”,
“USERINFO_END_POINT”: “”,
“FETCH_GROUPS_ENDPOINT”: “”,
“SEND_TOKEN_AUTHORIZATION_PARAMETERS_IN”: “HttpHeader”,
“ACR_VALUE_CHECK”: false,
“DIRECTORY_ID”: “”,
“TENANT_ID”: “”,
“DOMAIN_NAME”: “”,
“HOST_NAME”: “”,
“REALM_NAME”: “”
},
“Attribute Mapping”: {
“USERNAME_ATTRIBUTE”: “sub”,
“EMAIL_ATTRIBUTE”: “”,
“ENABLE_REGEX_PATTERN”: false,
“REGEX_PATTERN”: “”,
“KEEP_EXISTING_USER_ATTRIBUTES”: true,
“FIRST_NAME_ATTRIBUTE”: “”,
“LAST_NAME_ATTRIBUTE”: “”,
“FULL_NAME_ATTRIBUTE”: “”,
“USE_SEPARATE_NAME_ATTRIBUTE”: false,
“LOGIN_USER_BY_ATTRIBUTE”: “username”,
“ENABLE_LANGUAGE_MAPPING”: false,
“LANGUAGEMAP”: “”,
“CUSTOM_LANGUAGE_ATTRIBUTE”: “”
},
“Group Mapping”: {
“ROLE_ATTRIBUTE”: “”,
“KEEP_EXISTING_USER_ROLES”: true,
“CREATE_USER_IF_ROLE_MAPPED”: false,
“ROLE_MAPPING”: {},
“DEFAULT_GROUPS”: [“jira-software-users”],
“RESTRICT_USER_CREATION”: false,
“ENABLE_DEFAULT_GROUPS_FOR”: “newUsers”,
“ON_THE_FLY_GROUP_MAPPING”: false,
“CREATE_NEW_GROUPS”: false,
“ON_THE_FLY_ASSIGN_NEW_GROUPS_ONLY”: false,
“ON_THE_FLY_DO_NOT_REMOVE_GROUPS”: [“”]
}
}
],
“Sign In Settings”: {
“ENABLE_FOR_SOFTWARE”: “true”,
“LOGIN_BUTTON_TEXT”: “Use OAuth Login”,
“SSO_BUTTON_LOCATION”: “After Login Button”,
“RELAY_STATE”: “”,
“DISABLE_DEFAULT_LOGIN”: “false”,
“ENABLE_BACKDOOR”: “false”,
“ENABLE_AUTO_REDIRECT_DELAY”: “”,
“ALLOWED_DOMAINS”: “”,
“ADMIN_SESSION_OPTION”: “”,
“BACKDOOR_KEY”: “oauth_sso”,
“BACKDOOR_VALUE”: “false”,
“RESTRICT_BACKDOOR”: “false”,
“BACKDOOR_GROUPS”: [“jira-software-users”],
“PLUGIN_API_ACCESS_RESTRICTION”: “false”,
“ENABLE_FOR_SERVICE_DESK”: “true”,
“ENABLE_FOR_AGENTS”: “false”,
“AGENT_GROUPS”: [“jira-software-users”],
“AGENTS_GROUP_REGEX_PATTERN”: “”,
“DISABLE_DEFAULT_LOGIN_JSD”: “false”,
“ENABLE_BACKDOOR_JSD”: “false”,
“RESTRICT_AUTO_REDIRECT_URL”: “”,
“CUSTOM_LOGOUT_URL”: “”,
“ENABLE_LOGOUT_TEMPLATE”: “false”,
“LOGOUT_TEMPLATE”: “”
ENABLE_LOGIN_TEMPLATE”: “”,
“ENABLE_LOGIN_TEMPLATE_FOR_SERVICEDESK”: “”,
“LOGIN_TEMPLATE”: “”,
“LOGIN_TEMPLATE_FOR_SERVICEDESK”: “”,
“REMEMBERME_COOKIE”: “”,
“ENABLE_PASSWORD_CHANGE”: “”,
“ENABLE_ERRORMSG_TEMPLATE”: “false”,
“ERROR_MSG_TEMPLATE”: “”
CUSTOM_ERROR_TEMPLATE”: “”
},
“Domain Mapping Configurations”: {
“USE_DOMAIN_MAPPING”: “false”,
“DOMAIN_MAPPING”: {}
}
}
}