Date: Thu, 28 Mar 2024 13:31:18 +0000 (UTC) Message-ID: <1381411910.11.1711632678663@42080daf82ed> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_10_778249446.1711632678663" ------=_Part_10_778249446.1711632678663 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
The IdP includes a small number of web-based administrative and = diagnostic interfaces, and this will grow over time. Typically there are al= so command line tools/scripts that provide a convenient way of accessing th= ese interfaces, and they tend to default to a closed access control model t= hat limits access to the local host.
Of course, all of the user-facing functionality of the IdP is technicall= y in the form of web interfaces adhering to the various protocols supported= , but this page deals with the (mostly if not entirely) non-user-facing fun= ctionality.
All of these services are implemented as administrative webflows that provide a consistent security model an= d support configuring flexible authentication and access control, though th= e currently delivered features tend to be for "IdP operator use" and assume= control with IP address rules.
An environment variable, IDP_BASE_URL, can be set to globally override t= he URL used to call the administrative flows from the command line tools. I= t defaults to "http://localhost/idp" and can also be overridden from the= command line with the "-u" switch (refer to the output of each command for= a complete summary of command line options).
Note that using an https URL may necessitate other options to allow the = certificate to be validated, or trust to be bypassed for localhost use.
The following interfaces are supported: