Internal authorization server setup
The DINGO-Stack has an internal authorization server. The internal authorization server implements OAuth2 functions to secure the web services on the DINGO device. It supports the Resource Owner Password Credentials Grant and the Client Credentials Grant.
The DINGO-Manager is using the Resource Owner Password Credentials Grant when communicating securely with the DINGO device.
Authorization servers have usually many user accounts. An user account is a username and password. In regards to OAuth2, there can also be client accounts that have an client ID and secret, instead of a username and password. The internal authorization server on the DINGO device has however only one configurable user account and only one configurable client account. The user account is used for the Resource Owner Password Credentials Grant and the client account is used for the Client Credentials Grant.
Enabled: If this check-box is checked then it means that the internal authorization server is used by the DINGO device. If it is unchecked then it will use the settings in the external authorization server setup to authenticate access tokens.
Token duration sec.: Determines how long a token generated by the internal authorization server is valid. The duration is specified in seconds.
Press the Save button to save the enabled and duration properties to the DINGO device.
These fields are always empty, even though something is stored on the server. This is to protect the user account. These fields are only used when overwriting the user account.
User name: The user name for the user account. This field is only used when overwriting the user account on the DINGO device. The user name will never be read back from the server.
Password: The password for the user account. This field is only used when overwriting the user account on the DINGO device. The password will never be read back from the server.
Confirm password: This field is used to confirm that the password is the same as specified before.
Press the Save button to save the properties regarding the Resource Owner Password Credentials Grant to the DINGO device.
These fields are always empty, even though something is stored on the server. This is to protect the client account. These fields are only used when overwriting the client account.
The client account is not used by the DINGO-Manager, but other clients might prefer it.
Client ID: The client identifier for the client account. This field is only used when overwriting the client account on the DINGO device. The client identifier will never be read back from the server.
Secret: The secret for the client account. This field is only used when overwriting the client account on the DINGO device. The secret will never be read back from the server.
Confirm secret: This field is used to confirm that the secret is the same as specified before.
Press the Save button to save the properties regarding the Client Credentials Grant to the DINGO device.
Private key: The tokens that the internal authorization server generates are signed by a private key. By clicking on the Generate button a new private key is generated. This key is generated on the server and is never read from the server. It is important that a new private key is generated when the internal authorization server is set up.
The reload icon in the upper right corner can be clicked to reload the information from the DINGO device.