Syntax
primary {
    address address;
    ca-profile ca-profile;
    client-id client-id;
    client-secret client-secret;
    interface interface-name;
    routing-instance routing-instance-name;
    source source-address;
}
[edit services user-identification identity-management connection]
Configure parameters that the SRX Series Firewall uses to connect to the Juniper Identity Management Service (JIMS) primary server and authenticate to it to obtain an access token. JIMS requires that the SRX Series Firewall use OAuth2 to authenticate to it before the SRX Series Firewall can query the JIMS server for user identity information. The SRX Series Firewall must provide the JIMS server with credentials, including a client ID and a client secret. If the client (in this case the SRX Series Firewall) is authenticated, it is granted an access token. (See RFC 6749.) Both the client ID and the client secret must be consistent with the API client configured on the JIMS primary server.
In addition to configuring the client ID and the client secret, you configure the filename of the JIMS’s ca-certificate. The certificate enables the SRX Series Firewall to verify the identity of JIMS and that it is trusted for the SSL connection.
If the deployment configuration consists of more than one JIMS server, a primary and secondary relationship is established. The SRX Series Firewall always attempts to connect to the primary server. When one or more queries to the primary server fail, the system falls back to the secondary server.
address- Configure the IP address for the primary Juniper Identity Management Service (JIMS) server. The SRX Series Firewall requires the server IP address to connect to the server to obtain an access code that allows it to query the server for user identity information. The IP address is configured as part of a collection of information which includes the SRX Series Firewall’s client ID, client secret, and ca-certificate information.
The SRX Series Firewall sends a unique set of identification information to the primary server and the secondary server. The feature supports only IPv4 addresses.
client-id- Client ID that the SRX Series provides to the JIMS primary server as part of its authentication to it. The SRX Series Firewall must authenticate to the server to obtain an access token that allows the SRX Series Firewall to query the server for user identity information. The client ID must be consistent with the API client configured on the JIMS primary server.
client-secret- Client secret that the SRX Series provides to the JIMS primary server as part of its authentication to it. The client secret must be consistent with the API client configured on the JIMS primary server.
Before you use this feature, you must disable any other actively used options under the [edit services user-identification] hierarchy. You cannot commit this configuration if active directory authentication and the ClearPass query and webapi functions are configured and committed.
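The following check is an added example, not Juniper code: it audits set-format configuration lines for the primary statement and flags a missing address, ca-profile, client-id, or client-secret, and an address that is not IPv4. The set-command form is derived from the hierarchy level and syntax shown on this page; all values are constructed, and treating all four options as required is an assumption of this check.

```python
import ipaddress
import shlex

# Hierarchy and option names are taken from this page; values below are constructed.
PREFIX = "set services user-identification identity-management connection primary".split()
# Assumption of this check: all four are expected in a complete primary block.
REQUIRED = ("address", "ca-profile", "client-id", "client-secret")

def parse_primary(config_text):
    """Collect option -> value pairs for the primary statement from set-format lines."""
    options = {}
    for line in config_text.splitlines():
        tokens = shlex.split(line)  # keeps a quoted secret as one token
        if tokens[:len(PREFIX)] == PREFIX and len(tokens) == len(PREFIX) + 2:
            options[tokens[-2]] = tokens[-1]
    return options

def audit_primary(config_text):
    """Return a list of findings; an empty list means nothing was flagged."""
    options = parse_primary(config_text)
    findings = [f"missing {name}" for name in REQUIRED if name not in options]
    address = options.get("address")
    if address is not None:
        try:
            ipaddress.IPv4Address(address)  # the page states only IPv4 is supported
        except ipaddress.AddressValueError:
            findings.append(f"address {address!r} is not an IPv4 address")
    return findings

BASE = "set services user-identification identity-management connection primary "
# Constructed sample: complete block.
GOOD = "\n".join(BASE + opt for opt in (
    "address 192.0.2.10",
    "ca-profile jims-ca",
    "client-id srx-edge-01",
    'client-secret "constructed-placeholder"',
))
# Constructed sample: IPv6 address and no ca-profile.
BAD = "\n".join(BASE + opt for opt in (
    "address 2001:db8::10",
    "client-id srx-edge-01",
    'client-secret "constructed-placeholder"',
))

if __name__ == "__main__":
    for name, text in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, audit_primary(text) or "no findings")
```

Without a ca-profile finding being resolved, the firewall has no certificate with which to verify the identity of JIMS before it sends the client ID and client secret.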
| Option | Description |
| --- | --- |
| address | IP address of the primary server. |
| ca-profile | CA profile name |
| client-id | Client ID for OAuth2 grant |
| client-secret | Client secret for OAuth2 grant |
services—To view this statement in the configuration.
services-control—To add this statement to the configuration.
The remaining statements are explained separately. See CLI Explorer.