fiware-idm
fiware-idm copied to clipboard
Published
20 hours ago •
ging
ging
Explanation needed regarding External Participant Config
Hi everyone,
I am trying to configure Keyrock to act as an AR. However I have some trouble getting the config right. The docs are not really helpful.
Assume the config.pr:
config.pr = {
url: "https://mw.i4trustsat.ishareworks.nl",
id: "EU.EORI.NLi4TRUSTSAT",
parties_endpoint: undefined,
token_endpoint: undefined,
client_id: "EU.EORI.NL03000023",
client_key: undefined,
client_crt: undefined
}
My questions:
- What precisely is an external participant? Is it an iShare Satelite instance?
- Where does url have to point to? To the iShare satelite base URL? (I assume because of the two endpoints)
- If no, what does id need to be?
- How must client_key look like?
- How must client_crt look like?
- Is it the same cert as the one from the EORI indicated by client_id and retrieved from iShare satelite?
Thanks Markus
So far I figured out that client_key and client_crt must look as follows:
client_key: "-----BEGIN PRIVATE KEY-----\n<YOUR PRIVATE KEY\n-----END PRIVATE KEY-----", client_crt: "-----BEGIN CERTIFICATE-----\n<YOUR CERT\n-----END CERTIFICATE-----"
I assume its from the Entitled Party. Could that be?