I am struggling to find what the correct configuration information is so I can test authentication in the Integration Test environment. I have created a configuration here: https://connectionmanager.nhsint.auth-ptl.cis2.spineservices.nhs.uk/api/ and I am using the .Net tutorial code. It requires the following environment variables:
- KEYCLOAK_CLIENT_ID - Is this the client id from my config created above?
- KEYCLOAD_CLIENT_SECRET - Is this the team secret that the onboarding team sent me?
- KEYCLOAK_AUTHORITY - No idea where to find this for the Integration Test environment
- KEYCLOAK_PRIVATE_KEY_PATH - I assume this is not needed as it’s only referenced in the ReadMe and env files no where in code
- OAUTH_ENDPOINT - No idea where to find this for the Integration Test environment
No matter what I try I always get this:
Rather unhelpfully the keycloak variables refer to the implementation of the Mock CIS2 service. You would need to swap them for the CIS2 you got back from connection manager. client_id, secret (or private key depending on your choice), authority=audience from memory, endpoint is the CIS2 base url.
Unfortunately the CIS2 Auth team don’t manage the example apps and offer code support, as such I can only recommend going through the code to see where the variables are used and plug in the CIS2 values where applicable - or reach out to the API-M team
Thanks John, I’ve had another read and found the openid configuration file:
am.nhsint.auth-ptl.cis2.spineservices.nhs.uk/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/.well-known/openid-configuration
I’ve set the Authority in the OpenIDConnect settings to the issuer from this but all I get now is a blank page with a title of oAuth2 Error Page.
Any ideas?
Hi Steve, are you trying to use the mock CIS2 service with the sandbox examples? This is different to the main CIS2 Auth and has it’s own configuration and it sounds like you are mixing the two. For the mock service you would need to reach out to the API-M team who manage and configure it. Alternatively reach out to the CIS2 onboarding team and we can start to get you set up with CIS2 Auth for real in the INT environment.
