| `service_domain_name` | ex `contoso.com` | The name of the domain for which the service will run | no | -- |
| `partition_service_endpoint` | ex `https://foo-partition.azurewebsites.net` | Partition Service API endpoint | no | output of infrastructure deployment |
| `azure.activedirectory.app-resource-id` | `********` | AAD client application ID | yes | output of infrastructure deployment |
| `aad_client_id` | `********` | AAD client application ID | yes | output of infrastructure deployment |
| `azure.activedirectory.AppIdUri` | `api://${azure.activedirectory.client-id}` | URI for AAD Application | no | -- |
| `cosmosdb_database` | ex `foo-db` | The name of the CosmosDB database | no | output of infrastructure deployment |
...
...
@@ -73,23 +75,23 @@ with these settings service expects "x-payload" header which contains Base64 enc
| name | value | description | sensitive? | source |
| --- | --- | --- | --- | --- |
| `ENTITLEMENT_URL` | ex `http://localhost:8080/` | The host where the service is running | no | -- |
| `DOMAIN` | ex `contoso.com` | Must match the value of `service_domain_name` above | no | -- |
| `MY_TENANT` | ex `opendes` | OSDU tenant used for testing | no | -- |
| `AZURE_AD_TENANT_ID` | `********` | AD tenant to authenticate users from | yes | -- |
| `INTEGRATION_TESTER` | `********` | System identity to assume for API calls. Note: this user must have entitlements configured already | no | -- |
| `ENTITLEMENT_MEMBER_NAME_VALID` | `********` | Secret from `$INTEGRATION_TESTER` for userInfo cosmoscollection partitionId | yes | Create in userInfo cosmosCollection |
You may need to configure access to the remote maven repository that holds the OSDU dependencies. A default file should live within `~/.m2/settings.xml`:
_A settings file is also conveniently located in ./.mvn/community-maven.settings.xml which is also used for CI/CD processes._
### Build, Run and Test the application Locally
...
...
@@ -156,15 +139,15 @@ Jet Brains - the authors of Intellij IDEA, have written an [excellent guide](htt
Here is how you can configure user entitlements via the Azure specific API.
###Create a new user or service principal.
###Create a new user or service principal.
The request body contains the user or service principal to create in JSON format. At a minimum, you must specify the required properties for the user or service principal.
The request body contains the user or service principal to create in JSON format. At a minimum, you must specify the required properties for the user or service principal.
The required properties for a user or service principal is the uid and one tenant with one group. The uid is either a user email or a service principal UUID.
You can optionally specify any additional tenants and groups.
####Permissions
The following permission is required to call this API.
The following permission is required to call this API.
service.entitlements.admin
...
...
@@ -223,15 +206,15 @@ Here is an example of the request.
In the request body, supply a JSON representation of user object.
###Update a user or service principal.
###Update a user or service principal.
The request body contains the user or service principal to update in JSON format. At a minimum, you must specify the required properties for the user or service principal.
The request body contains the user or service principal to update in JSON format. At a minimum, you must specify the required properties for the user or service principal.
The required properties for a user or service principal is the uid and one tenant with one group. The uid is either a user email or a service principal UUID.
You can optionally specify any additional tenants and groups.
####Permissions
The following permission is required to call this API.
The following permission is required to call this API.