This section provides you with detailed information on how to configure the WSO2 Identity Server from the start. The following diagram depicts the normal flow of events you would follow.
As per the above diagram, when setting up the Identity Server, you would configure the following in the order mentioned.
When configuring the Identity Server, the first step is to set up the databases. This includes creating the database and populating it with the required tables. Once you have set up the databases, configure the datasources to point to the databases you created. See Setting up the Physical Database for information on setting up the database with its tables and configuring the datasources.
The next step is to configure user stores. These can be either primary or secondary user stores. Instead of using the user store that comes inbuilt with the product, you can configure your own user store with the Identity Server. See Configuring User Stores for information on user store configurations.
Users, roles and permissions
You can now add users and assign roles to the user stores. Each role can have specific permissions. See Configuring Users, Roles and Permissions for more information on working with users, roles and permissions.
You can map a set of attributes from the underlying user store to a set of defined claims. See Claim Management to work with claim dialects and provide mapping instructions.
Install any additional features you need for the Identity Server. A common feature to install is the key manager feature, used when configuring IS as the key manager in a distributed WSO2 API Manager setup. See Features for more information.
Setting up Keystores
Create and add a keystore to manage keys that are stored in the database. This is very useful in WS-Security scenarios. See Using Asymmetric Encryption in the WSO2 Product Administration Guide for more information.
Add and view tenants. This feature enables users to have a customized experience. See Creating and Managing Tenants for more information. Also see Email Templates for more information on customizing automated emails for users configured under specific tenants.
Once you have configured the user stores, you can configure various tools available to you in the management console. See Using WSO2 Identity Server for information on working with the features in the Main menu.
Management console features
You can do the following using the tools available in the Configure menu.
On the Tools menu, you can do the following.
On the Monitor menu, you can do the following.
- Identity providers
Once everything else is configured, you can add an identity provider. You can link this to the user store you configured and also specify which protocols you wish to use to configure your IdP. See the architecture of the Identity Server for how the identity provider configurations are used in the bigger picture.
- Service providers
Finally, configure the service provider to integrate with the identity provider and the Identity Server. You can link this to the user store you configured and also specify which protocols you wish to use to configure your SP. See the architecture of the Identity Server for how the service provider configurations are used in the bigger picture.