Enabling Centralized Authentication in an Existing Installation

  • Updated


It is possible to enable Centralized Authentication for an existing InRule installation, provided that you are updated to the most recent version of InRule. This can be accomplished by modifying configuration files and enabling authentication controls in their respective applications. The location of this files, and the values that need to be set are described below.

Before beginning this process. Make sure a User Administrator exists in your catalog that has a valid email address associated with them. An email address is required in order to log in using centralized authentication.

Enable Centralized Authentication in the irCatalog Service

Navigate to : (Your InRule Installation Root Directory)\irServer\RepositoryService\IisService

Open the web.config file and replace the existing <authentication> section with:

<authentication type="custom">
<provider>InRule.Repository.Service.Providers.SqlServerWithOpenIdConnectAuthenticationProvider, InRule.Repository.Service</provider>
<options>
<option name="validIssuer" value="https://auth.inrulecloud.com/" />
<option name="discoveryUrl" value="https://auth.inrulecloud.com/.well-known/openid-configuration" />
<option name="requireHttps" value="true" />
<option name="validAudiences" value="master_service" />
</options>
</authentication>

Enable Centralized Authentication for the irCatalogManager Website

Most of the configuration for irCatalogManager Website is handled via the installer. However, you will need to add a valid license key in order for the domain where you are hosting the website to be white-listed for use with centralized authentication. You can use any InRule license key. This key is used to validate that you are a current InRule customer.

Navigate to: (Your InRule Installation Root Directory)\irServer\CatalogManagerWeb

Open the Web.config file.

In the <appSettings> section. Modify the following child elements:

<add key="InRule.Catalog.Oidc.LicenseKey" value ="YOUR_LICENSE_KEY" /> 
<add key="InRule.Catalog.Oidc.Enabled" value="true" />
<add key="InRule.Catalog.Oidc.RedirectUri" value="https://yourcatalogmanagername.azurewebsites.net/" />
<add key="InRule.Catalog.Oidc.PostLogoutRedirectUri" value="https://yourcatalogmanagername.azurewebsites.net/" />

For the LicenseKey, this can be any valid InRule 5 license key. It is used only for determining that you are an InRule customer, and it does not register as an activation.

 

After you have modified the web.config file, it is necessary to restart the irCatalogManager Website. You can do this through Microsoft IIS. In addition, someone with an Application Administrator role in Azure AD needs to log in and authorize the InRule application.

 

Enable Centralized Authentication in irCatalogManager

In the top toolbar go to Options -> Enable Centralized Authentication Controls

mceclip0.png

Once checked and confirmed by hitting Ok, a Login button will appear in the top-right corner of the irCatalogManager screen.

mceclip1.png

Enable Centralized Authentication in irAuthor

In the top-most toolbar go to File -> Options. In the options screen, under the General tab, you will see a checkbox to Enable Centralized Authentication Controls.

mceclip2.png

After selecting that checkbox and confirming by hitting Ok, you will see a login button in the Home ribbon.
mceclip3.png

Was this article helpful?

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.