Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Dell APEX Navigator for Multicloud Storage Using Your Service

PDF

Map client IDs

You must map your Dell APEX Navigator client-id to the IdP client-id on the PowerScale system and provide your IdP's OAuth well-known metadata endpoint.

Prerequisites

Ensure that the PowerScale system has already registered trust with Dell APEX Navigator.

Steps

  1. Retrieve the client-id for Dell APEX Navigator on the PowerScale system using the OneFS Postman Collection provided earlier in this guide.
  2. Send the Create OneFS Session POST request with the username and password of your system set in the request body. 
    POST /session/1/session HTTP/1.1 
Host: {{cluster-ip-address}}:8080 
Content-Type: application/json 
Authorization: Bearer {{dci-jwt}}

Example request:
 {
    "username": "root",
    "password": "Dell@123!",
    "services": ["namespace","platform"]
}
  3. Send the Get Oauth ClientID GET request to view all the OAuth clients on the system.   
    GET /platform/auth/oauth/oauth2clients/
Host: {{cluster-ip-address}}:8080 
cookie: {{isisessid-cookie}} 
X-CSRF-Token: {{isicsrf-cookie-value}} 
Referer: https:// {{cluster-ip-address}}:8080 
Content-Type: application/json
  4. Find the last entry in the returned list which is the most recently created client-id through the trust registration and open the OAuth2 Token Exchange POST request. 
    POST https://{{host}}:8080/platform/19/auth/oauth/oauth2-token-exchanges

Example request: 
{
    "oauth2_client_id":"OAuth-Client-Id from previous step",
    "customer_client_id":"IdP App client-id",
    "customer_metadata_url":"IdP Oauth Metadata Endpoint"
}
  5. Create an Oauth2-Token-Exchange on the PowerScale cluster by sending a POST request to the /platform/19/auth/oauth/oauth2-token-exchanges API with a request body as follows: 
    { 
    "oauth2_client_id":"cirrus-clientid", 
    "customer_client_id":"idp-clientid", 
    "customer_metadata_url": "./well-known/endpoints/metadata" 
} 
{ 
    "oauth2_client_id":"161620db-ea71-4a80-8339-afbb324a39d1", 
    "customer_client_id":"0oagy43lzgXGDJoCh5d7", 
    "customer_metadata_url":"https://YOUR-OKTA-HERE/oauth2/default/.well-known/oauth-authorization-server" 
}
    NOTE:The above request fails when there are missing certificates on the PowerScale system.
  6. To correct a failed request, run the following command:
    # Example <idp-host> == dev244wk26m.us.auth0.com
    openssl s_client -connect <idp-host>:443 -showcerts
  7. Copy the certificates including the -----BEGIN CERTIFICATE----- AND -----END CERTIFICATE----- tags.
  8. Upload the JSON encoded certificate to the PowerScale system using the ADD CERTS POST request in the ONEFS Collection.
  9. Once all the necessary certificates are uploaded, create the token-exchange again.

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\