register-oidc-client
Registers the Spotfire Server as an OpenID Connect client.
register-oidc-client
[-c value | --configuration=value]
[-b value | --bootstrap-config=value]
<-d value | --discovery-document-url=value>
<-n value | --provider-name=value>
[-l value | --client-name=value]
{-Cvalue}
[--available-to-data-sources=<true|false>]
[--registrar-client-id=value]
[--registrar-client-secret=value]
[--registrar-scope=value]
[-a value | --access-token=value]
[-v value | --authorization-header-value=value]
[--basic-auth-username=value]
[--basic-auth-password=value]
<-p value | --public-address=value>
[-r <true|false> | --replace-existing=<true|false>]Overview
Use this command to register the Spotfire Server as a client with a given OpenID Provider. The provider must support OpenID Connect Dynamic Client Registration. The metadata included in the registration request depends on the OpenID Connect configuration, so before running this command, first run the config-oidc command.
Options
| Option | Optional or Required | Default Value | Description |
|---|---|---|---|
|
Optional | configuration.xml | The path to the server configuration file. |
|
Optional | none | The path to the bootstrap configuration file. For more information, see Bootstrap.xml file. |
|
Required | none | The URL to the provider's OpenID Connect Discovery document. |
|
Required | none | The name to give the provider when adding it to the Spotfire Server configuration. |
|
Optional | Spotfire Server <version> | The name of the client to include in the registration request. |
|
Optional | none | The email address of a contact person to
include in the registration request. Can be specified multiple times with
different values.
Note: If you run this command from PowerShell, then you must
put the option in single quotation marks. (For example,
'-Cinfo@example.com'.)
|
|
Optional | true
|
Specifies whether tokens from the provider should be available to data sources (besides being used for authentication). Affects the registered redirect URIs. |
|
Optional | none | A client ID to be used for obtaining an initial access token using the client credentials flow. |
|
Optional unless
--registrar-client-id has been specified.
|
none | A client secret to be used for obtaining an
initial access token using the client credentials flow.
Mutually exclusive with the
|
|
Optional | none | A scope to be included when obtaining an initial access token using the client credentials flow. |
|
Optional | none | An initial access token to include with the
registration request.
Mutually exclusive with the
|
|
Optional | none | An Authorization header value to include
with the registration request. Mutually exclusive with the
--basic-auth-username,
--access-token and
--registrar-client-id arguments.
|
|
Optional | none | An HTTP Basic Authentication (RFC 7617)
username. Mutually exclusive with the
--access-token,
--authorization-header-value and
----registrar-client-id arguments.
|
|
Optional unless
--basic-auth-username has been specified.
|
none | An HTTP Basic Authentication (RFC 7617) password. |
|
Required | none | The public address of the Spotfire Server. See set-public-address for more information. |
|
Optional | false
|
Indicates that any existing OpenID Provider with the same name should be replaced. |
Examples
- Register (using an initial access token)
-
register-oidc-client --discovery-document-url=https://example.com/.well-known/openid-configuration --provider-name="Demo 1" --access-token="<token>" --public-address="https://spotfire.example.com/" - Register (using a custom client name and a contact email address)
-
register-oidc-client --discovery-document-url=https://example.com/.well-known/openid-configuration --provider-name="Demo 2" --client-name="Spotfire" -Cjohn.doe@example.com --public-address="https://spotfire.example.com/" - Register with Okta (using an API token)
-
register-oidc-client --discovery-document-url=https://example.com/.well-known/openid-configuration --provider-name="Okta" --authorization-header-value="SSWS <api_token>" --public-address="https://spotfire.example.com/"