Set up the OIDC Definition API

To configure an API protection definition to be OIDC OP conformant and Financial Grade API compliant, ensure that the OIDC Compliant and FAPI Compliant flags are checked. See OIDC Definition and WebSEAL OAuth Config. Follow the guidelines below and the configuration steps in this topic to be fully conformant.

OIDC Compliance is a prerequisite for FAPI Compliance. The following conformances are configured when the OIDC or FAPI Wizards are checked.

More information on the functionalities performed can be found in OpenID Connect Provider Conformance and FAPI Conformance.

The following are configured when the OIDC Compliant flag is checked in API Definition API.

Steps

  1. OIDC Definition

    1. In the appliance dashboard, select Federation > OpenID Connect and API.

    2. In the Definitions tab, check the OIDC Compliant and FAPI Compliant check boxes.

  2. WebSEAL OAuth Config

    1. In the appliance dashboard, select Web > Reverse Proxy.

    2. Select a reverse proxy instance.

    3. Navigate to Manage > AAC and Federation Configuration > OAuth and OpenID Connect Provider Configuration.

    4. In the Main tab, check the FAPI compliant check-box.
