forked from sbweeden/fido2-node-clients
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.env.example
42 lines (33 loc) · 1.44 KB
/
.env.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
#
# Common configuration
#
FIDO2_CLIENT_CONFIG=GENERATE_FROM_certs/generate_attestation_certs.sh
#
# ISV Configuration
#
ISV_TENANT_ENDPOINT="https://mytenant.verify.ibmcloudsecurity.com"
RPID="mytenant.verify.ibmcloudsecurity.com"
ORIGIN="https:///mytenant.verify.ibmcloudsecurity.com"
# OAuth client should have at least these entitlements:
# - Read users and groups (readUserGroups)
# - Manage second-factor authentication enrollment for all users (manageEnrollMFAMethodAnyUser)
# - Authenticate any user (authnAnyUser)
OAUTH_CLIENT_ID="XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
OAUTH_CLIENT_SECRET="XXXXXXXXXX"
ISV_USERNAME="your_username"
# If setting OIDC_USER_ACCESS_TOKEN then you do not need OAUTH_CLIENT_ID and OAUTH_CLIENT_SECRET
# You can get an OIDC_USER_ACCESS_TOKEN from the browser when logged in to your tenant. Use the
# network debugger, look at XHR requests and get the bearer token from the Authorization header.
#OIDC_USER_ACCESS_TOKEN=
#
# ISVA Configuration
#
# For the fidointerop.securitypoc.com demo site, the ISVA_USERNAME will
# look like a URL such as: https://login.ibm.com/oidc/endpoint/default/UNIQUE_ID
# This is normal for that site, do not be concerned.
#
#ISVA_ENDPOINT="https://fidointerop.securitypoc.com"
#RPID="fidointerop.securitypoc.com"
#ORIGIN="https://fidointerop.securitypoc.com"
#ISVA_USERNAME="GET_FROM_AZN_CRED_PRINCIPAL_NAME_IN_YOUR_CREDENTIAL"
#ISVA_USER_ACCESS_TOKEN="GET_FROM_FIDOINTEROP_ACCOUNT_SETTINGS_PAGE"