isamcfg Security Access Manager appliance configuration worksheet

Description of properties

Select/deselect the capabilities you would like to configure by typing its number.

By default, the tool selects context-based authorization, authentication service, and API protection. You can configure all of them at the same time. If you do not want to configure them all, clear the capability that you do not want to configure by selecting its corresponding number.

Context-based Authorization

Configure this capability if your environment requires the use of behavioral and contextual data analytics to calculate the risk of a transaction.

Authentication service

Configure this capability if your environment requires the use of a step-up authentication type of authentication.

API Protection

Configure this capability if your environment requires the use of an OAuth authentication type to protect your Application Protocol Interface (API).

Security Access Manager for Mobile Local Management Interface hostname

Enter the Local Management Interface hostname or IP address.

Security Access Manager for Mobile Local Management Interface port

Specify the port number of the Local Management Interface. The tool displays a port number.

Example value: 443

Press Enter to use the displayed port or enter your preferred port.

Security Access Manager for Mobile Appliance administrator user ID

Press Enter to use the displayed user ID or enter your preferred user ID.

Security Access Manager for Mobile Appliance administrator password

Enter the corresponding administrator password.

SSL certificate data valid (y/n)

Press y to validate that the displayed SSL certificate values are valid otherwise, press n.

Web Gateway Appliance Local Management Interface hostname

Enter the Web Gateway Appliance Local Management Interface hostname or IP address. The tool might display a value. Press Enter to use the displayed value or enter your preferred hostname or IP address.

Web Gateway Appliance Local Management Interface port

Specify the port number of the Local Management Interface port. The tool displays a port number.

Example value: 443

Press Enter to use the port or enter your preferred port.

Web Gateway Appliance administrator user ID

Press Enter to use the user ID or enter your preferred user ID.

Web Gateway Appliance administrator password

Enter the corresponding Web Gateway Appliance administrator password.

SSL certificate data valid (y/n)

Press y to validated that the displayed SSL certificate values are valid otherwise, press n.

Instance to configure

The tool displays the available instances that you can configure in a list. Select the instance that you would like to configure.

Security Access Manager for Mobile Appliance administrator user ID

Press Enter to use the displayed user ID or enter your preferred user ID.

Security Access Manager for Mobile Appliance administrator password

Enter the corresponding administrator password.

Security Access Manager for Mobile runtime listening interface hostname

Enter the hostname or IP address of the Security Access Manager for Mobile runtime listening interface.

Example value: 172.16.229.10

Security Access Manager for Mobile runtime listening interface port

Specify the port number of the Security Access Manager for Mobile runtime listening interface.

Example value: 443

Select the method for authentication between WebSEAL and the Security Access Manager for Mobile runtime listening interface

Certificate authentication

Use a certificate to authenticate between WebSEAL and the Security Access Manager for Mobile runtime listening interface.

User ID and password authentication

Use credentials to authenticate between WebSEAL and the Security Access Manager for Mobile runtime listening interface.

The default username is easuser and the default password is Passw0rd.

Security Access Manager for Mobile runtime listening interface user ID:

Press Enter to use the displayed user ID or enter your preferred user ID.

Security Access Manager for Mobile runtime listening interface password:

Enter the corresponding Security Access Manager for Mobile runtime listening interface password.

SSL certificate data valid (y/n):

Press y to validated that the displayed SSL certificate values are valid otherwise, press n.

Automatically add CA certificate to the key database (y/n)

Press y if you want to automatically add the CA certificate to the key database, otherwise press n.

Note: Web Reverse Proxy instance restarts if y is selected.

The CA certificate already exists in the key database. Replace the CA certificate? (y/n)

Press y if you want to automatically replace the CA certificate to the key database, otherwise press n.

The following files are available on the Web Gateway Appliance.

Choose one file for the following pages:

• The 400 Bad Request response page. The default page is oauth_template_rsp_400_bad_request.html.
• The 401 Unauthorized response page. The default page is oauth_template_rsp_401_unauthorized.html.
• The 502 Bad Gateway response page. The default page is oauth_template_rsp_502_bad_gateway.html.

If you are not running theisamcfg tool on the appliance, you can choose Cancel to upload a local file.

If you are running theisamcfg tool on the appliance, you must upload your custom response file. Upload the file to the Web Gateway appliance first before you run the isamcfg tool so that the file is displayed as an option. See Uploading OAuth response files.

The junction mga contains endpoints that require Authorization HTTP header to be forwarded to the backend server. Do you want to enable this feature? [y|n]?

Press y to allow endpoints that require Authorization HTTP header to be forwarded to the backend server. Otherwise, press n.

isamcfg tool worksheet