This page covers configuration steps for OpenIAM deployments. OpenIAM uses a microservices architecture with configuration distributed across multiple services and components.
OpenIAM configuration is managed through:
/opt/openiam/config/# Connection settings
ldap.connection.url=ldap://ad.example.com:389
ldap.connection.bindDN=CN=ServiceAccount,OU=Service Accounts,DC=example,DC=com
ldap.connection.password=service_account_password
ldap.connection.baseDN=DC=example,DC=com
# User mapping
ldap.user.searchBase=OU=Users,DC=example,DC=com
ldap.user.searchFilter=(sAMAccountName={0})
ldap.user.objectClass=user
# Group mapping
ldap.group.searchBase=OU=Groups,DC=example,DC=com
ldap.group.searchFilter=(cn={0})
<!-- Example SAML metadata -->
<md:EntityDescriptor entityID="https://your-domain.com/idp">
<md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:KeyDescriptor use="signing">
<!-- Certificate configuration -->
</md:KeyDescriptor>
<md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
Location="https://your-domain.com/idp/SSORedirect/metaAlias/idp"/>
</md:IDPSSODescriptor>
</md:EntityDescriptor>
# Main database connection
spring.datasource.url=jdbc:mysql://localhost:3306/openiam
spring.datasource.username=openiam_user
spring.datasource.password=openiam_password
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
# Workflow database connection
workflow.datasource.url=jdbc:mysql://localhost:3306/activiti
workflow.datasource.username=activiti_user
workflow.datasource.password=activiti_password
# Redis connection
spring.redis.host=localhost
spring.redis.port=6379
spring.redis.password=redis_password
spring.redis.database=0
spring.redis.timeout=2000ms
# RabbitMQ connection
spring.rabbitmq.host=localhost
spring.rabbitmq.port=5672
spring.rabbitmq.username=openiam
spring.rabbitmq.password=openiam_password
spring.rabbitmq.virtual-host=/
# Elasticsearch connection
elasticsearch.host=localhost
elasticsearch.port=9200
elasticsearch.cluster.name=elasticsearch
elasticsearch.index.prefix=openiam
# Check configuration syntax
sudo openiam-cli validate-config
# Restart services after configuration changes
sudo openiam-cli restart
# Verify service health after changes
sudo openiam-cli status
curl http://localhost:9080/openiam-esb/actuator/health
Squeezing every bit of performance from your OpenIAM installation? Our experts help with:
Optimize your setup: office@linux-server-admin.com | Contact Us