DocsEdge Stack
1.8
User Account and Authentication Service (UAA)
User Account and Authentication Service (UAA)
IMPORTANT: Ambassador Edge Stack requires the IdP to return a JWT signed by the RS256 algorithm (asymmetric key). Cloud Foundry's UAA defaults to symmetric key encryption which Ambassador Edge Stack cannot read.
- When configuring UAA, you will need to provide your own asymmetric key in a file called - uaa.yml. For example:
- Create an OIDC Client: - Note: Change the value of - {AMBASSADOR_URL}with the IP or DNS of your Ambassador load balancer.
Configure Filter and FilterPolicy
Configure your OAuth Filter and FilterPolicy with the following:
   Use the clientID (ambassador) and secret (CLIENT_SECRET) from Step 2 to configure the OAuth Filter.
   Note: The authorizationURL and audience are the same for UAA configuration.
Note: The scopes field was set when creating the client in Step 2. You can add any scopes you would like when creating the client.