AM 7.4.0

Configure STS instances

You configure STS instances to perform one or more token transformations. Each instance provides configuration details about how SAML v2.0 and/or OpenID Connect output tokens are encrypted or signed. Deployments that support multiple SAML v2.0 and/or OpenID Connect service providers require multiple STS instances.

When you publish an STS instance, you create an STS instance with a given configuration. You can publish instances using the AM admin UI or the REST API.

When you publish a REST STS instance, AM exposes a REST endpoint for accessing the instance, and the instance is immediately available for use to callers.

The SOAP STS service is deprecated, and will be removed in a future release. Installing instances of this service is not supported.

Configure the REST STS

To configure a REST STS instance using the AM admin UI, go to Realms > Realm Name > STS > REST STS Instances, and click Add.

See REST STS configuration properties for detailed information about STS configuration properties.

You can also publish REST STS instances programmatically. AM provides a Publish service, which is a collection of endpoints you can use to publish instances instead of accessing the AM admin UI.

For more information, see Publish REST STS instances.

Copyright © 2010-2024 ForgeRock, all rights reserved.