Skip to content

Properties

standalone/configuration/insight.properites

eam.type=standalone
eam.url=http://localhost:8080/insight-standalone-server/rest

neccessary for roles-replication and document-downoad

roles.replication.type=hxgn
hxgn.adapter.url=http://hxgn-suite:8080/insight-infor-adapter

standalone/configuration/infor/eam.properties in HxGN-Adapter

eam.uri=https://eu1.eam.hxgnsmartcloud.com/axis/services/EWSConnector
tenant=<hxgn-tenant>
organisation=<org>
profile.organization.attribute=per_org

for document-upload

hxgn.rest=https://eu1.eam.hxgnsmartcloud.com/axis/restservices

OIDC authication

Due to limitiations in HxGN one OIDC client must be used for:

  • setup in HxGN SSO configuration
  • client_id for technical user
  • client_id for interactive users via browser or mobile app

The flow for the technical user must be ROPC. HxGN uses the id_token for authentication via the Authorization header.

Make sure the claim defined with oidc.userinfo.username is set for the id_token issued.

Details in HxGN documentation

insight.properties

oidc.server=https://login.microsoftonline.com/some-azure-ad-tenant/v2.0
oidc.token.name=id_token
oidc.accesstoken.validation=local

oidc.client.client_id=
oidc.client.client_secret=
oidc.client.scope=openid profile
oidc.userinfo.username=upn

oidc.cockpit.client_id=
oidc.cockpit.client_secret=
oidc.cockpit.scope=openid profile

oidc.techuser.client_id=
oidc.techuser.client_secret=
oidc.techuser.scope=openid profile

oidc.techuser.authflow=Resource Owner Password Credentials
oidc.techuser.username=
oidc.techuser.password=

Further documentation for callback uris and other settings: here

Environment-variables for hxgn-adapter

mandatory variables

  • PROFILE_URL=http://middleware:8080/insight-profile
  • IDENT_BASE64=true

optional variables for activating logging of SOAP-requests

  • PRETTY_PRINT_PAYLOAD=true
  • LOG_XML=true