GeneXus Access Manager (GAM)
Table of contents


Official Content

In this guide, you will find the Client configuration steps for GAMRemote Authentication Type.

From the GAM Backoffice, add the Authentication Type through the Authentication Types menu item.

Next, add the information as explained below:

GAMRemoteEntrySelect

GAMRemoteFilled1


Picture #1. Defining GAM Remote Authentication Type. Web Panel GAMExampleEntryAuthenticationType.

  • Client ID. Client ID of the Application – the same as the one specified in the Identity Provider.

  • Client Secret. Client Secret of the Application – the same as the one specified in the Identity Provider.

  • Local Site URL. URL of the client application – the same as the one specified in the Callback URL in the server.

  • Custom callback URL?. If checked, GAM doesn't handle the response. The custom callback URL field must be marked in the identity provider.

  • Request these scopes. These scopes will be the user data requested to the IDP, if more scopes are requested than those shared by the IDP it will not be possible to authenticate. To know more details about them follow this link.

  • Additional scopes. Here you can detail more specifically which user scopes to request to the IDP. To know more details about them follow this link.

  • Remote Server URL. URL of the server application (for example: http://server/TestGAMSSOServer.NetEnvironment). The format is: Http://<Server>:<Port>/<BaseURL>. For Java, don't include "/servlet".

  • Private Encryption Key. This private encryption key is used to encrypt the communication between client applications and the server application. It must be configured with the same value as the one specified for the GAM application defined in the Identity Provider (the server). If they are different, an error "javax.servlet.ServletException: java.lang.InternalError: invalid key" is thrown.

  • Repository GUID. Connect to this Repository in the Identity Provider.

  • Validate External Token. Validate the session expiration using the Token Expiration and Token renovations of the Identity Provider. The property is AutovalidateExternalTokenAndRefresh. For example: &AuthenticationTypeGAMRemote.GAMRemote.AutovalidateExternalTokenAndRefresh = TRUE.

See Also

Identity Provider Configuration for GAM Remote Authentication

Last update: 26 January 2024 by jpromero
Last update: February 2024 | © GeneXus. All rights reserved. GeneXus Powered by Globant