Installing the PingAuthorize Policy Editor interactively - PingAuthorize - 9.3

PingAuthorize 9.3

bundle
pingauthorize-93
ft:publication_title
PingAuthorize 9.3
Product_Version_ce
PingAuthorize 9.3
category
ContentType
Product
Productdocumentation
paz-93
pingauthorize
ContentType_ce
Product documentation

You can run the PingAuthorize Policy Editor setup command interactively in command-line interface (CLI) install mode.

You must have the following information:

  • The location of a valid license file
  • An available port for the PingAuthorize Policy Editor to accept HTTPS requests

The setup tool prompts you interactively for the information that it needs.

Note:

You cannot configure some setup options when installing the PingAuthorize Policy Editor interactively, such as PostgreSQL database configuration. For more information, see Installing the PingAuthorize Policy Editor non-interactively.

  1. Choose the authentication mode for the PingAuthorize Policy Editor:
    • Demo mode: Configures the PingAuthorize Policy Editor to use form-based authentication with a fixed set of credentials. Unlike OpenID Connect (OIDC) mode, this mode doesn't require an external authentication server. However, it is inherently insecure and should only be used for demonstration purposes.

    • OIDC mode: Configures the PingAuthorize Policy Editor to delegate authentication and sign-on services to a PingFederate OIDC provider.

      In OIDC mode, you must provide the following additional information:

      • The host name and port of an OIDC provider
      • Information related to the server's connection security, including the location of a keystore that contains the server certificate, the nickname of that server certificate, and the location of a trust store
      Note:

      To use PingAuthorize Policy Editor with other OIDC providers, such as PingOne, see Installing the PingAuthorize Policy Editor non-interactively.

  2. Run the setup command.
    Note:

    If you don't want to use the default database credentials, see Setting database credentials at initial setup.

  3. Copy and record any generated values needed to configure external servers.

    The Shared Secret is used in PingAuthorize, under External Servers > Policy External Server > Shared Secret.

  4. To start the Policy Editor, or policy administration point (PAP), run bin/start-server.

    The Policy Editor runs in the background, so you can close the terminal window in which it was started without interrupting it.

See Example: Installing and configuring the Policy Editor interactively for a more detailed walkthrough of the previous steps.
  1. Complete the steps in Post-setup steps (manual installation).
  2. Consider additional configuration options in Specifying custom configuration with an options file.