Access Management 7.3.1

Policy and application stores

In addition to the identity store, you can configure data stores for different types of data.

You might want to store these data types separately from other data types, depending on their characteristics; for example, to allow specific tuning of the indexes in the directory server.

You can configure data stores for the following data types:

  • UMA data.

    Provides storage for UMA-related data, such as resources, labels, and pending requests.

  • Core Token Service (CTS) data.

    Provides highly available storage for sessions and tokens used by AM.

  • Policy data.

    Provides storage for policy-related data, such as policies, policy sets, and resource types. Policy stores also store delegated realm administration privileges.

    If you change the policy data store, any existing policy sets and resource types will no longer be available to the realm where you made the change. Either recreate these items manually, or use Amster to export them from the old data store, then import them back after changing to the new data store.

  • Application data.

    Provides storage for application-related data, such as web and Java agent configuration, federation entities and configuration, and OAuth 2.0 clients definitions.

Tasks to configure policy and/or application stores
Task Resources

Prepare the store(s)

You must install new DS servers for the store(s). If you are configuring an AM instance that already has policy or application data in its configuration store, you might want to migrate that data to the new store(s).

Configure the store(s)

Configure the newly-installed store(s) so that AM can use them.

Copyright © 2010-2024 ForgeRock, all rights reserved.