You can create a template to enable a group of clients to register dynamically with the VMware Identity Manager service to allow users access to a specific application.
About this task
- In the administration console Catalog tab, select .
- Click Templates.
- Click Create Template.
- On the Create Template page, enter the following information about the application.
Enter a unique name that identifies this template.
Select Identity Manager
Select the information that the token contains. When you select NAAPS, OpenID is also selected.
Enter the registered redirect URI.
Select Bearer. This attribute tells the application what type of access token it was given. For VMware Identity Manager, the tokens are bearer tokens.
Leave the default setting, 32 Bytes.
Issue Refresh Token
To use refresh tokens, leave this option enabled.
Access Token TTL
Set the access token time to live length. The access token expires based on the TTL set inAccess Token Time-To-Live. If Issue Refresh Token is enabled, when the access token expires, the application uses the refresh token to request a new access token.
Refresh Token TTL
Set the Refresh Token time to live. New access tokens can be requested until the refresh token expires.
Idle Token Time-to-Live (TTL)
Configure how long a refresh token can be idle before it cannot be used again.
Do not check Prompt users for access.
- Click Add.
What to do next
In the resource application, set up the VMware Identity Manager service URL as the site that supports integrated authentication.