This section provides you with detailed information on how to configure the WSO2 Identity Server from the start. The following diagram depicts the normal flow of events you would follow.
As per the above diagram, when setting up the Identity Server, you would configure the following in the order mentioned.
When configuring the Identity Server, the first step to do is to set up the databases. This includes creating the database and populating it with the various tables that are required. Once you have set up the databases, configure the datasources to point to the databases created. See Working with Databases for information on setting up the database with its tables and configuring the datasources.
The next step is to configure user stores. These can be either primary or secondary user stores. Instead of using the user store that comes inbuilt with the product, you can configure your own user store with the Identity Server. See Working with User Stores for information on user store configurations.
Users, roles and permissions
You can now add users and assign roles to the user stores. Each role can have specific permissions. See Configuring Users, Roles and Permissions for more information on working with users, roles and permissions.
Install any additional features you need for the Identity Server. A common feature that can be installed is the key manager feature when configuring IS as the key manager in a distributed WSO2 API Manager set up. See Features for more information.
Create and add a keystore to manage keys that are stored in the database. This is very useful in WS-Security scenarios.
Add and view tenants. This feature enables users to have a customized experience. See Multitenancy for more information. Also see Email Templates for more information on customizing automated emails for users configured under specific tenants.
Once you have configured the user stores, you can configure various tools available to you in the management console. See User Guide for information on working with the features in the Main menu.
- Identity providers
Once everything else is configured, you can add an identity provider. You can link this to the user store you configured and also specify which protocols you wish to use to configure your IdP. See the architecture of the Identity Server to see how the identity provider configurations are used in the bigger picture.
- Service providers
Finally, configure the service provider to integrate with the identity provider and the Identity Server. You can link this to the user store you configured and also specify which protocols you wish to use to configure your SP. See the architecture of the Identity Server to see how the service provider configurations are used in the bigger picture.