Check ABS port availability

The default ports for connection with ABS are 8080 and 9090. Run the script on the ASE machine to determine accessibility of ABS. Input ABS host IP address and ports as arguments.

/opt/pingidentity/ase/util ./ {ABS IPv4:[port]}

Configure ASE

Update abs.conf located in the ASE /opt/pingidentity/ase/config directory with ABS Engine address and authentication keys:

  • Configure abs_endpoint with the ABS Engine management IP address / host name and port number (Default: 8080) which was configured in the /opt/pingidentity/abs/config/ file.
    Note: Note: If ABS is in a different AWS security group, use a private IP address
  • Configure ABS access_key and secret_key using the key values from the abs_init.js file located in /opt/pingidentity/abs/mongo.

Here is a sample abs.conf file:

; API Security Enforcer ABS configuration.
; This file is in the standard .ini format. The comments start with a semicolon (;).
; Following configurations are applicable only if ABS is enabled with true.

; a comma-separated list of abs nodes having hostname:port or ipv4:port as an address.

; access key for abs node

; secret key for abs node

; Setting this value to true will enable encrypted communication with ABS.

; Configure the location of ABS's trusted CA certificates. If empty, ABS's certificate
; will not be verified
Important: Make sure that ASE and ABS are in the same time zone.