Document toolboxDocument toolbox

Nexus Documentation
CURL vulnerability information (CVE-2023-38545) - Nexus awareness advisory on Microsoft's update KB5014754

Add API user and callback URL in Hermod

Owned by Karolin Hemmingsson (Unlicensed)
Last updated: Jun 14, 2024 by Josefin Klang (Deactivated)Version comment
3 min read

This article describes how to add a new API user in Hermod to get a unique API key for authentication to the API.

Prerequisites

Step-by-step instruction

Edit configuration file for Hermod docker image

To configure Hermod, do the following:

  1. Open Hermod Config file. 

  2. Navigate to the top-level directory where docker-compose.yml is located. The configuration file should then be found in a config/ directory.

    Example: File structure

    mydir/ |-- cacerts |-- certificates |-- config | |-- application.yml -> cod-hermod.yml | `-- cod-hermod.yml `-- docker-compose.yml

  3. Open the configuration file for editing.

    Example: Command to edit configuration file

    vi config/cod-hermod.yml

Application.yml is a link to cod-hermod.yml. 
Application.yml is the actual file used by the server. 

Edit configuration file for Hermod WAR file

  1. Navigate to and open for editing application.yml.
    Default file path: /wbapps/hermod/WEB-INF/classes/application.yml 

  2. Open a browser and go to the following URL, using a unique <myclientid>:

    Example: Generate client URL

    http://localhost:20400/<contextPath>/<uriBase>/util/generateclient/<myclientid> The default value for /<contextPath>/<uriBase> is /hermod/rest


    Find port number

    All requests below are triggered from the host itself, thus localhost is used.

    The port number (20400 in the example above) might have been assigned a different value. To find out the current port number, do the following:
    For docker:
    Type the command

    For tomcat:
    Check server.xml

  3. Copy the content from the resulting web page and paste it into the allowed-clients section of the configuration file. 

The username and password must match the username and password for the dedicated user that has been added in Identity Manager, see Integrate Identity Manager with Smart ID Messaging.

Example: Generate client

  1. Edit callback-url to receive the callbacks from the Hermod API.
    Also edit username and password if the callback URL requires basic authentication.

  2. Optional - If visual data is to be fetched from an external content provider:

    1. Configure content-provider-url to point to the Content provider API.

    2. Also edit user and pwd if the content provider requires basic authentication.

  3. Save and exit the configuration file.

Refresh configuration and test API key

  1. Refresh the configuration:

    Example: Refresh configuration

  2. Test the new key by sending a request using curl (set THE-NEW-KEY below):

    Example: Test API key

  3. Check the response.

    • If you get a 403 response, you have the wrong API key.

    • If you get a 404 response, then you have the correct API key. A 404 response means that the user api-test isn't found, which is expected at this point.

Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions