How To
ForgeRock Identity Platform
Does not apply to Identity Cloud

How do I export configuration details for the Agent (All versions)?

Last updated Sep 22, 2021

The purpose of this article is to provide information on exporting configuration details for the Agent. Exporting configuration details for the agent is a common step in troubleshooting as it allows you (or someone else) to check all your configuration settings.


1 reader recommends this article

Exporting Agent configuration details

You can export the agent configuration details using different methods:

Note

In AM 6 and later, it is not possible to use the exported agent configuration as the basis for creating a local configuration file for an agent. In earlier versions, you could use the exported configuration from the console as it was in the correct format.

REST

Note

Please observe the following when constructing REST calls:

  • Make the REST call to the actual AM server URL (not lb).
  • Change the name of the iPlanetDirectoryPro header to the name of your actual session cookie.
  • Set this session cookie header to the token returned when you authenticated.
  • Ensure the Accept-API-Version header contains valid resource versions.

See How do I avoid common issues with REST calls in AM (All versions)? for further information.

You can use REST to obtain the agent's profile as follows:

  1. Authenticate as an admin user. For example:$ curl -X POST -H "X-OpenAM-Username: amadmin" -H "X-OpenAM-Password: cangetinam" -H "Content-Type: application/json" -H "Accept-API-Version: resource=2.1" http://host1.example.com:8080/openam/json/realms/root/authenticate?authIndexType=service&authIndexValue=adminconsoleservice Example response: { "tokenId": "AQIC5wM2LY4SfcxsuvGEjcsppDSFR8H8DYBSouTtz3m64PI.*AAJTSQACMDIAAlNLABQtNTQwMTU3NzgxODI0NzE3OTIwNAEwNDU2NjE0*", "successUrl": "/openam/console", "realm": "/" }
  2. Return the agent's profile using the following curl command, where myAgent in the URL is replaced with the name of your agent:$ curl -X GET -H "iPlanetDirectoryPro: AQIC5wM2LY4Sfcxs...EwNDU2NjE0*" -H "Content-Type: application/json" http://host1.example.com:8080/openam/json/realms/root/agents/myAgent

Amster

You can export configuration details for all agents using the export-config command in Amster. For example:

  • Export configuration for all Web agents in the top level realm: am> export-config --path /path/to/export --realm / --realmEntities 'WebAgents'
  • Export configuration for all Java agents in the employees realm: am> export-config --path /path/to/export --realm employees --realmEntities 'J2eeAgents'

Configuration details for each agent will be written to a separate JSON file in the WebAgents or J2eeAgents directory within /path/to/export/realms/[realmName].

ssoadm

You can use ssoadm to return the agent's configuration. Enter the following command:

$ ./ssoadm show-agent -e [realmname] -b [agentname] -u [adminID] -f [passwordfile] -o [outputfile]

replacing [realmname], [agentname], [adminID], [passwordfile] and [outputfile] with appropriate values.

Console (AM 5.x)

You can export the agent configuration using the console by navigating to Realms > [Realm Name] > Applications > Agents > [Web or J2EE] > [Agent Name] and clicking Export Configuration.

It is not possible to export the agent configuration using the console in AM 6 and later.  

See Also

N/A

Related Training

ForgeRock Access Management Core Concepts (AM-400)

Related Issue Tracker IDs

N/A


Copyright and Trademarks Copyright © 2021 ForgeRock, all rights reserved.