Setting up security tokens from a command line

You can use ConfigManager.exe from a Command Line Interface (CLI) to execute user authorization and security operations, including setting up security tokens.
Note: This operation, performed from a CLI, is intended primarily for system administrators working with customers in a cloud environment. Customers working in an on-premises installation environment can use the Configuration Manager utility to accomplish the same ends.

Setting the client ID and secret at the time of provisioning

Use this command line syntax as a string, for example:

ConfigManager.exe -U:AUTHSERV -service:S2S -client:mongoose_core -apigatewayid:lwsemccup8 -serviceendpoint:/test/as/v1/api/clients/ -addtoapp:CSI -servicename:mongoose_core -trace -overwrite

where:

  • -service is the service name.
  • -client is the client type.
  • -apigatewayid is the client registration API Gateway ID.
  • -apigatewayurl is the client registration API Gateway URL.
  • -serviceendpoint is the client registration API service path.
  • -addtoapp is the application name. Optionally, use this flag to save the secrets in the configuration for the application.
  • -servicename is the service name. Optionally, use this flag to save the security token in the service name, instead of the client type.
  • -trace is an optional flag that is used to check internal values.
  • -overwrite is an optional flag that is used to overwrite the existing service name.

Generating JSON file to be used to get the client ID and secret

Use this command line syntax as a string, for example:

ConfigManager.exe -U:AUTHSERV -service: S2SJSONTOFILE -client:mongoose_core -apigatewayid:lwsemccup8 -serviceendpoint:/test/as/v1/api/clients/ -filetostore:fileName -trace -overwrite

where:

  • -service is the service name.
  • -client is the client type.
  • -apigatewayid is the client registration API Gateway ID.
  • -apigatewayurl is the client registration API Gateway URL.
  • -serviceendpoint is the client registration API service path.
  • -filetostore is the file name of the path, where the generated JSON keys will be stored.
  • -trace is an optional flag that is used to check internal values.
  • -overwrite is an optional flag that is used to overwrite the existing service name.

Adding or deleting the consumer key and secret at the time of provisioning

Use this command line syntax as a string, for example:

ConfigManager.exe -U:AUTHSERV -service:IONCE -functionname:ionce-provision-oauth-token-ionce-app-integ-71int -servicetype:datacatalog -action:renew -logicalid:lid://infor.mongoose.dev -appfarmid:ucongmalakar3 -uses:admin -addtoapp:CSI -logtype:tail

where:

  • -service is the service name.
  • -type is an optional flag that is specified as RequestResponse, Event, DryRun, and so on. The default value is RequestResponse.
  • -functionname is a lambda function.
  • -servicetype is the service type string.
  • -action is an action that is specified as add, renew, delete, or get.
  • -logicalid is the string that is used as the logical ID and the identifier for the originating site.
  • -appfarmid is an optional flag that is specified as the application farm ID.
  • -logtype is an optional flag that is set to tail to include the execution log in the response.
  • -uses is a flag that is specified as reader, admin, user, and content-provisioner, separated by a comma.
  • -addtoapp is the application name. Optionally, use this flag to save the secrets in the configuration for the application. This flag is applicable for add and renew actions, and RequestResponse type.
  • -servicename is the service name. Optionally, use this flag to save the security token in the service name, instead of the client type.

Adding or deleting the consumer key and secret, and store the response JSON in a file

Use this command line syntax as a string, for example:

ConfigManager.exe -U:AUTHSERV -service: IONCEJSONTOFILE -functionname:ionce-provision-oauth-token-ionce-app-integ-71int -servicetype:datacatalog -action:renew -logicalid:lid://infor.mongoose.dev -appfarmid:ucongmalakar3 -uses:admin -filetostore:fileName

where:

  • -service is the service name.
  • -type is an optional flag that is specified as RequestResponse, Event, DryRun, and so on. The default value is RequestResponse.
  • -functionname is a lambda function.
  • -servicetype is the service type string.
  • -action is an action that is specified as add, renew, delete, or get.
  • -logicalid is the string that is used as the logical ID and the identifier for the originating site.
  • -appfarmid is an optional flag that is specified as the application farm ID.
  • -logtype is an optional flag that is set to tail to include the execution log in the response.
  • -uses is a flag that is specified as reader, admin, user, and content-provisioner, separated by a comma.
  • -filetostore is the file name of the path, where the generated JSON keys will be stored.

Storing security tokens for any application by service name in Mongoose Configuration

Use this command line syntax as a string, for example:

ConfigManager.exe -U:AUTHSERV -service:AUTHTOKEN -mode:add -app:appName -type:I -servicename:datacatalog -logicalid:lid://infor.mongoose.dev

where:

  • -service is the service name.
  • -mode is specified as new, edit, or delete.
  • -app is the application name.
  • -type is the authentication type, where:
    • I is ION CE Connector
    • S is Service to Service authentication
    • O is OAuth credentials
  • -servicename is the service type string.
  • -logicalid is the string that is used as the logical ID and the identifier for the originating site.
  • -key is the consumer key.
  • -secret is the consumer secret key.
  • -additionalprops is an optional flag that is specified as other properties to store.
Note: Services that are created using CLI are treated as provisioned and cannot be deleted in the Configuration Manager. Use the Security > Additional Props field in the Edit Application dialog box to update the provisioned service name.
Related topics