The Discover application has configuration properties that allow the behavior to be modified without recompiling the code. One can change the back-end API URL, Relying Party Identifier, Domain ID, API credentials, and more. See the table below for a list of all available configuration properties that can be modified.
To change the configuration navigate to /usr/local/strongauth/discover/etc/ and open the discover-configuration.properties file. If there is no file with that name, create one to change the default configuration.
Restart Payara after making necessary configuration changes:
sudo systemctl restart payara
|
Property |
discover.cfg.property.apiuri |
|
Explanation |
This property allows configuration of the URL used to communicate with the Strongkey FIDO Server (SKFS) to call FIDO webservices. |
|
Default Value |
https://localhost:8181 |
|
Property |
discover.cfg.property.rpid |
|
Explanation |
This property should be set to the Relying Party ID (RPID) of the Strongkey Tellaro Appliance. The Relying Party is the website or application that relies on FIDO2 to authenticate users. |
|
Default Value |
strongkey.com |
|
Property |
discover.cfg.property.did |
|
Explanation |
This is a unique domain identifier used by Strongkey Tellaro Appliance to apply policy based restrictions to specific Domains as needed by the Security Administrator. |
|
Default Value |
1 |
|
Property |
discover.cfg.property.authtype |
|
Explanation |
Property that identifies the type of the authentication. |
|
Default Value |
PASSWORD |
|
Property |
discover.cfg.property.svcusername |
|
Explanation |
This is the username used for PASSWORD-based Authorization for skfsclient.
skfsclient operations are performed by a normal FIDO user. These operations include registration, authentication, authorization, getting key information, updating key information, and deleting keys. |
|
Default Value |
svcfidouser |
|
Property |
discover.cfg.property.svcpassword |
|
Explanation |
This is the password used for PASSWORD-based Authorization for skfsclient. |
|
Default Value |
Abcd1234! |
|
Property |
discover.cfg.property.skfs.adminusername |
|
Explanation |
This is the username used for PASSWORD-based Authorization for skfsadminclient.
skfsadminclient operations are performed by an administrative FIDO user. These operations include pinging the SKFS, policy management (get, create, patch, delete), setting configurations (get, update, delete), getting keys of multiple users simultaneously, and updating usernames. |
|
Default Value |
fidoadminuser |
|
Property |
discover.cfg.property.skfs.adminpassword |
|
Explanation |
This is the password used for PASSWORD-based Authorization for SkfsAdminClient. |
|
Default Value |
Abcd1234! |
|
Property |
discover.cfg.property.configlocation |
|
Explanation |
This property configures the path for the DISCOVER configuration properties file. |
|
Default Value |
/usr/local/strongauth/discover/etc/discover-configuration.properties |
|
Property |
discover.cfg.property.custommessageslocation |
|
Explanation |
This property configures the path to the file used for overriding default messages. |
|
Default Value |
/usr/local/strongauth/discover/etc/discover-messages.properties |
|
Property |
discover.cfg.property.wsprotocol |
|
Explanation |
Protocol to communicate with StrongKey Tellaro Appliance. |
|
Default Value |
REST |