|
| 1 | +# This is a sample configuration file for the Adobe-Console connector. |
| 2 | +# |
| 3 | +# umapi (user management api) is a network protocol served by Adobe that |
| 4 | +# provides management of users in Adobe-hosted enterprise organizations. |
| 5 | +# |
| 6 | +# This sample file contains all of the settable options for this protocol. |
| 7 | +# All of the settings here can be changed. It is recommended |
| 8 | +# that you make a copy of this file and edit that to match your configuration. |
| 9 | +# While you are at it, you will likely want to remove a lot of this commentary, |
| 10 | +# in order to enhance the readability of your file. |
| 11 | + |
| 12 | +# (optional) UMAPI server settings (defaults as shown) |
| 13 | +# The host and endpoint settings specify the Adobe endpoints which |
| 14 | +# host the UMAPI services and those which provide authorization. |
| 15 | +# The timeout and retries settings control how much delay (in seconds) |
| 16 | +# can be tolerated in server responses, and also how many times a request |
| 17 | +# that fails due to server timeout or server throttling will be retried. |
| 18 | +# You will *never* need to alter these settings unless you are provided |
| 19 | +# alternate values by Adobe as part of a support engagement. It is |
| 20 | +# highly recommended that you leave these values commented out |
| 21 | +# so that the default values are guaranteed to be used. |
| 22 | +server: |
| 23 | + #host: usermanagement.adobe.io |
| 24 | + #endpoint: /v2/usermanagement |
| 25 | + #ims_host: ims-na1.adobelogin.com |
| 26 | + #ims_endpoint_jwt: /ims/exchange/jwt |
| 27 | + #timeout: 120 |
| 28 | + #retries: 3 |
| 29 | + |
| 30 | +# (required) integration settings |
| 31 | +# You must specify all five of these settings. Consult the |
| 32 | +# Adobe UMAPI documentation and the Adobe I/O Console to determine |
| 33 | +# the correct settings for your enterprise organization. |
| 34 | +# [NOTE: the priv_key_path setting can be an absolute or relative pathname; |
| 35 | +# if relative, it is interpreted relative to this configuration file.] |
| 36 | +integration: |
| 37 | + org_id: "Org ID goes here" |
| 38 | + api_key: "API key goes here" |
| 39 | + client_secret: "Client secret goes here" |
| 40 | + tech_acct: "Tech account ID goes here" |
| 41 | + priv_key_path: "private.key" |
| 42 | + |
| 43 | + # (optional) As an alternative to priv_key_path, you can place the private key |
| 44 | + # data directly in this file. To do this, remove the priv_key_path entry above |
| 45 | + # and uncomment the following entry. Replace the sample data with the data |
| 46 | + # from your private key file (which will be much longer). |
| 47 | + #priv_key_data: | |
| 48 | + # -----BEGIN RSA PRIVATE KEY----- |
| 49 | + # MIIf74jfd84oAgEA6brj4uZ2f1Nkf84j843jfjjJGHYJ8756GHHGGz7jLyZWSscH |
| 50 | + # CoifurKJY763GHKL98mJGYxWSBvhlWskdjdatagoeshere986fKFUNGd74kdfuEH |
| 51 | + # -----END RSA PRIVATE KEY----- |
| 52 | + |
| 53 | + # (optional) You can store credentials in the operating system credential store |
| 54 | + # (Windows Credential Manager, Mac Keychain, Linux Freedesktop Secret Service |
| 55 | + # or KWallet - these will be built into the Linux distribution). |
| 56 | + # To use this feature, uncomment the following entries and remove the |
| 57 | + # api_key, client_secret, and priv_key_data above. |
| 58 | + # The actual credential values are placed in the credential store with the |
| 59 | + # username as the org_id value, and the key name (perhaps called internet |
| 60 | + # or network address) as one of the values below. |
| 61 | + #secure_api_key_key: umapi_api_key |
| 62 | + #secure_client_secret_key: umapi_client_secret |
| 63 | + #secure_priv_key_data_key: umapi_private_key_data |
| 64 | + # Note: the Windows credential store generally can't store data as large as a private |
| 65 | + # key, so the recommended path for securing your private key on windows is given next. |
| 66 | + |
| 67 | + # (optional): You can secure your private key data by encrypting it, as with |
| 68 | + # openssl pkcs8 -in private.key -topk8 -v2 des3 -out private-encrypted.key |
| 69 | + # which prompts for a passphrase and creates a passphrase-encrypted file in PKCS#8 format. |
| 70 | + # Having done this, you can use the setting priv_key_pass to specify the passphrase needed |
| 71 | + # by User Sync to decrypt the private key file (or private key data), as in: |
| 72 | + #priv_key_pass: "my passphrase for my private key" |
| 73 | + # For better security, you should save your passphrase into the secure credential store |
| 74 | + # on your platform (username = your org ID, service/internet address = "umapi_private_key_passphrase") |
| 75 | + # and then uncomment this setting: |
| 76 | + #secure_priv_key_pass_key: umapi_private_key_passphrase |
| 77 | + |
| 78 | +# (optional) identity_type_filter (default value is all) |
| 79 | +# By default, connector will automatically load users from all identity type to be load as directory users. |
| 80 | +# When specify with one of the following value (adobeID, enterpriseID, federatedID) |
| 81 | +# the connector will automatically filter users by the specified identity type. |
| 82 | +identity_type_filter: all |
| 83 | + |
0 commit comments