Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Add and Manage OAuth Servers

For API security with OAuth server, you must create an OAuth setup in Juniper Security Director Cloud Portal and in the corresponding Identity Provider (IdP). You can add a single OAuth server for authorization. The supported IdPs are Okta and Entra ID (Azure AD).

To add an OAuth server:

  1. Select Administration > API Security.
    The API Security > API Keys page appears.
  2. Click OAuth Servers tab > and +.
    The Create OAuth server page appears.
  3. Enter the OAuth server name.
  4. (Optional) Enter the OAuth server issuer.
  5. Select the public key type for your IdP:

    • Upload Public key—Browse and upload the Privacy Enhanced Mail (PEM) file that is used to store the keys and certificates.

    • Enter URI—Enter the JSON Web Key Set Universal Resource Identifier (jwks_uri) provided by your IdP.

  6. Click OK.
    The added OAuth server is displayed on the API Security > OAuth Servers page.

To set up scopes and to generate a token for IdP, see Okta Documentation and Microsoft Entra documentation.

Ensure that the scope name in the Okta or Microsoft Entra ID IdP configuration is in tenant-id::<oauthservername>::role format. For example, tenant_id_123::test-oauthserver::administrator

Manage OAuth Servers

  • Edit—Select a server, and then click .

    Note:

    Only an administrator can edit OAuth server settings in Juniper Security Director Cloud Portal. An operator can only view the OAuth server settings.

  • Delete—Select a server, and then click .