QuickStart
Authentication Basics
To be authenticated, it is necessary to validate a client in Across Identity Server (AIS).
To do this on the server on which Across Identity Server is installed (which is usually the Across Core server), edit the file %Across Installation Folder%\Across.IdentityServer\appsettings.json and add the Clients section. It is required to restart Across Identity Server to apply the configuration changes (i.e. restart the Across.IdentityServer application pool in IIS).
Before copying the example below, delete the scopes from AllowedScopes which start with crossTerm.* and/or crossTank.* if they are unlicensed in your installation, e.g., delete the crossterm.api.writeonly scope if you don't have a crossTerm Workflows license. Otherwise, the token won't be granted and an exception will be returned.
The appsettings.json File
"Clients": [ { "ClientId": "MyAcrossApp", "ClientName": "MyAcrossApp", "AllowedScopes": [ "openid", "profile", "email", "rights", "groups", "crossterm.api.readonly", "crossterm.api.writeonly", "crosstank.api.readonly", "crosstank.api.writeonly" ], "PlainClientSecrets": "secret", "AllowedGrantTypes": [ "password" ] } ]
Client Authentication
A possible client authentication can look like this:
Parameter | Value |
startAuthentication type | OAuth 2.0 |
Grant type | Resource Owner Password Credentials |
Username | Valid Across user login, e.g. "Default" |
Password | Password of the corresponding user |
Access token URL | http://sitename/AcrossIdentityServer/connect/token |
Client ID | MyAcrossApp (or any other name, be sure it matches with the Client ID in Across Identity Server configuration) |
Client secret | secret |