Add and Manage OAuth Servers

To secure API access with an OAuth server, you must create an OAuth setup both in Juniper Security Director Cloud and in the corresponding Identity Provider (IdP). You can add a single OAuth server for authorization. The supported IdPs are Okta and Entra ID (Azure AD).

Add OAuth Servers

  1. Click Administration > API Security.
    The API Security > API Keys page appears.
  2. Click the OAuth Servers tab and then click the plus icon (+).
    The Create OAuth server page appears.
  3. Enter the OAuth server name.
  4. (Optional) Enter the OAuth server issuer.
  5. Select the public key type for your IdP:
    • Upload Public key—Browse and upload the Privacy Enhanced Mail (PEM) file that is used to store the keys and certificates.

    • Enter URI—Enter the JSON Web Key Set Uniform Resource Identifier (jwks_uri) provided by your IdP.

  6. Click OK.
    The added OAuth server is displayed on the API Security > OAuth Servers page.

To set up scopes and to generate a token for the IdP, see the Okta documentation and the Microsoft Entra documentation.

Ensure that the scope name in the Okta or Microsoft Entra ID IdP configuration is in the tenant-id::<oauthservername>::role format. For example: tenant_id_123::test-oauthserver::administrator
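
A pre-flight check for the scope format above, as an added example (not Juniper's code): it decodes a token's payload without verifying the signature and reports which scopes fit tenant-id::<oauthservername>::role. The claim names `scp` and `scope`, the exact-match comparison, and all function names are assumptions; the sample token is constructed.

```python
import base64
import json

def _b64url_decode(segment):
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def token_scopes(jwt):
    """Scopes from a token payload. The signature is NOT verified: inspection only."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    claims = json.loads(_b64url_decode(parts[1]))
    # Assumption: scopes are in "scp" or "scope", as a list or a space-separated string.
    raw = claims.get("scp", claims.get("scope", []))
    return raw.split() if isinstance(raw, str) else list(raw)

def check_scope(scope, tenant_id, server_name):
    """Return problems with one scope; an empty list means it fits the format."""
    fields = scope.split("::")
    if len(fields) != 3:
        return ["expected 3 '::'-separated fields, found %d" % len(fields)]
    tenant, server, role = fields
    problems = []
    # Assumption: names are compared exactly (case-sensitive).
    if tenant != tenant_id:
        problems.append("tenant id %r does not match %r" % (tenant, tenant_id))
    if server != server_name:
        problems.append("OAuth server name %r does not match %r" % (server, server_name))
    if not role:
        problems.append("role field is empty")
    return problems

def matching_scopes(jwt, tenant_id, server_name):
    """Scopes in the token that fit tenant-id::<oauthservername>::role."""
    return [s for s in token_scopes(jwt) if not check_scope(s, tenant_id, server_name)]

def make_sample_token(claims):
    """Build a constructed token for the demo; the signature is a placeholder."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc(claims), "c2lnbmF0dXJl"])

if __name__ == "__main__":
    token = make_sample_token({"scp": ["tenant_id_123::test-oauthserver::administrator", "openid"]})
    for s in token_scopes(token):
        print(s, "->", check_scope(s, "tenant_id_123", "test-oauthserver") or "ok")
```

An empty result from `matching_scopes` for a token issued by your IdP means no scope in it follows the required format for that tenant and OAuth server name.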

Manage OAuth Servers

  • Edit—Select a server, and then click the pencil icon. Only an administrator can edit OAuth server settings in Juniper Security Director Cloud. An operator can only view the OAuth server settings.

  • Delete—Select a server, and then click the trash can icon.