How To Set Up NGINX Dev Portal OIDC for Auth0 Integration

Take the following steps to set up NGINX Dev Portal OIDC and test it for Auth0 integration.

1. Prerequisites

  • Set up Auth0

    Use a different application and different callback/logout URLs, as in the following example, from the ones you already created to test your containerized NGINX Plus.

    Category                 Example
    Application Name         nginx-devportal-app
    Allowed Callback URLs    http://nginx.devportal.auth0.test/_codexch
    Allowed Logout URLs      http://nginx.devportal.auth0.test/_logout
  • Edit the hosts file on your laptop if you want to test your app locally:

    $ sudo vi /etc/hosts
    # Note: the IP address should be that of the host where you installed the Dev Portal packages.
    # Also make sure the /etc/hosts files on your controller and Dev Portal hosts have similar entries.
    127.0.0.1 nginx.devportal.auth0.test

2. Install NGINX API Connectivity Manager

3. Set Up NGINX Dev Portal

Configure a Dev Portal either by following the NGINX Management Suite docs, How To Set Up a NGINX Dev Portal, or by calling the APIs in the following steps:

Note:

Download an example Postman collection to test the following steps easily.

  • Open the Postman collection and edit the ACM password and variables.

  • Create an infra > workspace:

    POST https://{{ctrl_ip}}/api/acm/v1/infrastructure/workspaces

    Body:

    {
      "name": "{{infraworkspacename}}"
    }
  • Create a proxy > workspace:

    POST https://{{ctrl_ip}}/api/acm/v1/services/workspaces

    Body:

    {
      "name": "{{proxyworkspacename}}"
    }
  • Create an environment of Dev Portal:

    POST https://{{ctrl_ip}}/api/acm/v1/infrastructure/workspaces/{{infraworkspacename}}/environments

    Option 1. Request body for non-PKCE:

    {
      "name": "{{environmentname}}",
      "functions": ["DEVPORTAL"],
      "proxies": [
        {
          "proxyClusterName": "{{devPinstanceGroupName}}",
          "hostnames": ["{{devPenvironmentHostname}}"],
          "runtime": "PORTAL-PROXY",
          "policies": {
            "oidc-authz": [
              {
                "action": {
                  "authFlowType": "AUTHCODE",
                  "jwksURI": "https://{{auth0Domain}}/.well-known/jwks.json",
                  "tokenEndpoint": "https://{{auth0Domain}}/oauth/token",
                  "userInfoEndpoint": "https://{{auth0Domain}}/userinfo",
                  "authorizationEndpoint": "https://{{auth0Domain}}/authorize",
                  "logOffEndpoint": "https://{{auth0Domain}}/v2/logout",
                  "logOutParams": [
                    {
                      "paramType": "QUERY",
                      "key": "returnTo",
                      "value": "http://{{devPenvironmentHostname}}/_logout"
                    },
                    {
                      "key": "client_id",
                      "paramType": "QUERY",
                      "value": "{{clientId}}"
                    }
                  ],
                  "TokenParams": [
                    {
                      "paramType": "HEADER",
                      "key": "Accept-Encoding",
                      "value": "gzip"
                    }
                  ],
                  "uris": {
                    "loginURI": "/login",
                    "logoutURI": "/logout",
                    "redirectURI": "/_codexch",
                    "userInfoURI": "/userinfo"
                  }
                },
                "data": [
                  {
                    "clientID": "{{clientId}}",
                    "clientSecret": "{{clientSecret}}",
                    "scopes": "openid+profile+email+offline_access"
                  }
                ]
              }
            ]
          }
        }
      ]
    }

    Option 2. Request Body for PKCE:

    {
           :
      "authFlowType": "PKCE",
           :
      "clientSecret": "{{clientSecret}}", -> Remove this line.
           :
    }
  • Get an environment of Dev Portal:

    GET https://{{ctrl_ip}}/api/acm/v1/infrastructure/workspaces/{{infraworkspacename}}/environments

    Response:

    {
        :
        curl -k https://<CTRL-FQDN>/install/nginx-agent > install.sh && sudo sh install.sh -g devp-group && sudo systemctl start nginx-agent
        :
    }
    
  • Delete an environment of Dev Portal:

    DELETE https://{{ctrl_ip}}/api/acm/v1/infrastructure/workspaces/{{infraworkspacename}}/environments/{{environmentname}}

  • SSH into the Dev Portal instance and run the following command:

    curl -k https://<CTRL-FQDN>/install/nginx-agent > install.sh && sudo sh install.sh -g devp-group && sudo systemctl start nginx-agent
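
Option 1 and Option 2 of the environment request above differ only in `authFlowType` and the presence of `clientSecret`. The following Python is an added example, not part of the original guide or of NGINX's tooling: it derives the PKCE body from the AUTHCODE body and checks either one before it is POSTed. The domain `tenant.example.com`, the placeholder credentials, and the function names `to_pkce` and `lint` are assumptions made for illustration.

```python
import copy
from urllib.parse import urlparse

DOMAIN = "tenant.example.com"  # constructed stand-in for {{auth0Domain}}
CALLBACK = "http://nginx.devportal.auth0.test/_codexch"  # Allowed Callback URL from step 1
IDP_PATHS = {"jwksURI": "/.well-known/jwks.json", "tokenEndpoint": "/oauth/token",
             "userInfoEndpoint": "/userinfo", "authorizationEndpoint": "/authorize",
             "logOffEndpoint": "/v2/logout"}

# Constructed sample: the Option 1 policy with placeholder values, not real credentials.
AUTHCODE_POLICY = {
    "action": {"authFlowType": "AUTHCODE",
               **{key: f"https://{DOMAIN}{path}" for key, path in IDP_PATHS.items()},
               "uris": {"loginURI": "/login", "logoutURI": "/logout",
                        "redirectURI": "/_codexch", "userInfoURI": "/userinfo"}},
    "data": [{"clientID": "placeholder-client-id",
              "clientSecret": "placeholder-client-secret",
              "scopes": "openid+profile+email+offline_access"}],
}

def to_pkce(policy):
    """Apply Option 2: set authFlowType to PKCE and drop every clientSecret."""
    pkce = copy.deepcopy(policy)  # leave the caller's AUTHCODE body untouched
    pkce["action"]["authFlowType"] = "PKCE"
    for client in pkce["data"]:
        client.pop("clientSecret", None)
    return pkce

def lint(policy, auth0_domain, callback_url):
    """Return a list of problems to resolve before POSTing the environment."""
    problems = []
    action = policy["action"]
    for key in IDP_PATHS:  # every IdP endpoint must be HTTPS on the Auth0 domain
        url = urlparse(action.get(key, ""))
        if url.scheme != "https" or url.hostname != auth0_domain:
            problems.append(f"{key}: expected an https URL on {auth0_domain}")
    flow = action.get("authFlowType")
    for i, client in enumerate(policy["data"]):
        has_secret = bool(client.get("clientSecret"))
        if flow == "PKCE" and has_secret:
            problems.append(f"data[{i}]: PKCE body still carries clientSecret")
        elif flow == "AUTHCODE" and not has_secret:  # assumption: mirrors Option 1
            problems.append(f"data[{i}]: AUTHCODE body has no clientSecret")
    if urlparse(callback_url).path != action["uris"]["redirectURI"]:
        problems.append("redirectURI differs from the Auth0 Allowed Callback URL path")
    return problems

if __name__ == "__main__":
    for name, body in (("AUTHCODE", AUTHCODE_POLICY), ("PKCE", to_pkce(AUTHCODE_POLICY))):
        print(name, lint(body, DOMAIN, CALLBACK) or "ok")
```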
    

4. Test Dev Portal OIDC with Auth0

  • Open a web browser and go to the Dev Portal's FQDN, for example http://nginx.devportal.auth0.test.
  • Try logging in and logging out.
  • Repeat the two steps above after changing the IdP (PKCE option) and updating the Dev Portal via the NGINX ACM API.