Authorization server security provider in Jitterbit App Builder
The Authorization Server security provider allows App Builder to operate as both an OAuth 2.0 and OpenID Connect (OIDC) authorization server. OIDC clients can use the Authorization Server to authenticate users. Access tokens issued by the Authorization Server can be used to access App Builder-hosted REST, Webhook and App Builder Connector APIs.
Configuration
App Builder ships with an Authorization Server security provider. The security provider is disabled by default. To enable the Authorization Server, start by signing into App Builder as an administrator:
- Click the IDE link.
- Click the Security Providers button.
- In the User Authentication panel, locate the Authorization Server and click the Details icon (Chevron).
- Click the Edit button.
- Check the Enabled option.
- Click the Save button.
To use the authorization server to authenticate users and access protected resources, you will need to register one or more client applications. See the Client authentication document for detailed instructions on how to register client applications.
Certificates
The Authorization Server security provider requires two certificates, one for encryption and one for signing. These certificates are automatically generated when App Builder first starts. No additional configuration is required.
Purpose | Type | Format | Description |
---|---|---|---|
Encryption | X.509 Certificate | PKCS#12 (PFX), base64-encoded | X.509 certificate used to encrypt access and refresh tokens. |
Signing | X.509 Certificate | PKCS#12 (PFX), base64-encoded | X.509 certificate used to sign identity tokens. |
Properties
The Authorization Server supports the following additional parameters. Default values are supplied for both parameters. No additional configuration is required.
Parameter | Default | Example | Description |
---|---|---|---|
CertificateKeySize | 2048 | 4096 | Certificate key size in bits. |
CertificateLifetime | 3650 | 730 | Certificate lifetime in days. |
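
To check a certificate against the key size and lifetime you expect, the following added example (not Jitterbit's code) decodes a base64-encoded PKCS#12 file and reports the key size and expiry date. It assumes the base64 text has been saved to a file and that its password is known; the function names, file paths and thresholds are hypothetical.

```shell
#!/bin/sh
# Added example, not App Builder code. File names and thresholds are assumptions.

# audit_pfx FILE PASSWORD MIN_BITS WARN_DAYS
# Prints "bits=<n> notAfter=<date>". Returns 0 if the certificate meets policy,
# 1 if the key is smaller than MIN_BITS, 2 if it expires within WARN_DAYS,
# 3 if the file cannot be decoded or the password is wrong.
audit_pfx() {
    min_bits=$3; warn_days=$4
    tmp=$(mktemp -d) || return 3
    # Undo the base64 wrapper, then extract only the certificate; with
    # -nokeys the private key is never written out.
    if ! base64 -d < "$1" > "$tmp/c.pfx" 2>/dev/null ||
       ! openssl pkcs12 -in "$tmp/c.pfx" -nokeys -passin "pass:$2" \
            -out "$tmp/c.pem" 2>/dev/null; then
        rm -rf "$tmp"; return 3
    fi
    bits=$(openssl x509 -in "$tmp/c.pem" -noout -text |
        sed -n 's/.*Public-Key: (\([0-9]*\) bit).*/\1/p' | head -n 1)
    not_after=$(openssl x509 -in "$tmp/c.pem" -noout -enddate | cut -d= -f2)
    result=0
    if [ -z "$bits" ]; then
        result=3
    elif [ "$bits" -lt "$min_bits" ]; then
        result=1
    elif ! openssl x509 -in "$tmp/c.pem" -noout \
            -checkend $((warn_days * 86400)) >/dev/null; then
        result=2
    fi
    rm -rf "$tmp"
    [ "$result" -eq 3 ] || echo "bits=$bits notAfter=$not_after"
    return "$result"
}

# make_sample_pfx OUT BITS DAYS PASSWORD
# Builds constructed input: a throwaway self-signed certificate packed in the
# format the Certificates table describes (PKCS#12, base64-encoded).
make_sample_pfx() {
    work=$(mktemp -d) || return 1
    openssl req -x509 -newkey "rsa:$2" -nodes -days "$3" \
        -subj "/CN=constructed-sample" \
        -keyout "$work/k.pem" -out "$work/c.pem" 2>/dev/null &&
    openssl pkcs12 -export -inkey "$work/k.pem" -in "$work/c.pem" \
        -passout "pass:$4" -out "$work/s.pfx" &&
    base64 < "$work/s.pfx" | tr -d '\n' > "$1"
    made=$?; rm -rf "$work"; return "$made"
}
```

On OpenSSL 3, a PKCS#12 file protected with legacy algorithms such as RC2 can only be read when `openssl pkcs12` is given the `-legacy` option.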