-
On the Home page, click Security > API > Authorization Servers > Add Authorization Server.
-
Enter the following information:
Setting
Example
Description
Name
Smart Completions Smart API
The name of the authorization server.
Audience
71FC520E-78DA-4EA7-96C1-164EA13FD5DO
The GUID for this audience. This GUID can be generated using the GUID website http://new-guid.com. The GUID must be in upper case.
Keep a record of the GUID as it is used as part of authorization server.
Description
Smart Completions Smart API Server
A name for the authorization server.
-
Click Save.
Set server custom scopes
This procedure allows you to set up the server custom scopes after the authorization server is configured.
-
On the Home page, click Authorization Servers.
-
Select the authorization server that you just created, for example Smart Completions Smart API.
-
Select the Scopes tab, and click Add Scope.
-
For Name, enter the audience GUID.
Do not set the default scope to Set as a default scope.
Set server custom claims
-
On the Home page, click Authorization Servers.
-
Select the authorization server that you just created, for example Smart Completions Smart API.
-
Select the Claims tab and click Add Claims.
-
In the Add Claims, set the claims as follows:
Name
Value
Scopes
Type
Included
sub
(appuser != null) ? appuser.userName : app.clientId
Any
access
Always
email
appuser.email
Any
access
Always
-
Click Create.
Set the server access policy
-
On the Home page, click Authorization Servers.
-
Select the authorization server that you just created, for example Smart Completions Smart API.
-
Select the Access Policies tab and click Add Policy.
-
Enter the Name and Description.
-
Select The following clients and then enter the application name created earlier as the client name.
-
Click Create Policy.
Set the server rule
-
On the Home page, click Authorization Servers.
-
Select the authorization server that you just created, for example Smart Completions Smart API.
-
Select the Access Policies tab and click Add Rule.
Rules allow for configuration of the token expiration based on the selected grant type, user, and scope.
-
Provide all the required fields and click Create Rule.
-
Click Settings tab and make a note of the Audience and Issuer information. This information is required to configure the API.