Setup a Token Profile
The token profile implements OAuth 2.0 and OpenID Connect. In order for Curity to operate as an Authorization Server or OpenID Connect Provider you need at least one token profile.
This tutorial sets up the base of the profile to be used later when adding clients and running flows.
It will link the profile with the authentication profile created in the previous tutorial.
In the top level bar, click Token Profile and then New Profile.
Name and Path prefix
Name the profile, and add a path prefix. This prefix will be used for all endpoints served from this profile.
The profile needs capabilities enabled in order to allow clients to be created. For development purposes it's recommended to enable all capabilities.
The token profile needs a data source to store tokens, select the
main-ds that was created in the initial setup.
The authentication service dropdown contains the authentication service that was created in the previous tutorial. It is used when a user needs to authenticate using a browser, such as in a code flow or an implicit flow.
The keys are used to sign Json Web Tokens (JWTs). If this is a development environment it's ok to select the existing
default-signing-key. Or simply generate a new key for this profile using the generate key button.
Deploy to runtimes
In order for the profile to be active it needs to be deployed to runtime nodes. Select the admin node, and click next.
That's all, go ahead and commit the changes to active the profile.
The token profile is now ready and active. It doesn't yet contain any clients, which will be described in the OAuth and OpenID Connect sections later on.