Deploy Account Management API Service
note
Account Management API is now deprecated and we recommend that you use Account Management functionality built into Elastic Path Commerce 8.2 and later.
Pre-requisites
- Ensure that all requirements described in the Requirements section are met
- Ensure that you have the URLs for the Account Management user interface, the Account Management API, and Keycloak
- Ensure that Keycloak is configured and deployed.
- Ensure that the
client id
andsecret
values are available - Ensure that the username and password with administrative access to the Master realm in Keycloak is available
- Ensure that the
- Ensure that you have access to the
account-management-1.0.0.zip
file in the Elastic Path Public Nexus repository - Ensure that the MySQL compatible RDBMS service is provisioned, the schema is initialized, the username and password, and other connectivity details are available
Procedure
- Extract the files in the
account-management-1.0.0.zip
- The zip file should extract its contents including the folder
account-management-api
, which contains the code used in this step
- The zip file should extract its contents including the folder
- Build the docker image (using
account-management-api/Dockerfile
) on your local machine - Push the Docker image to Amazon ECR (Elastic Container Registry)
- Deploy the Docker image in Amazon ECS (Elastic Container Service) with the following environment variables:
Parameter | Value |
---|---|
API_DB_DRIVER_CLASSNAME | com.mysql.jdbc.Driver |
API_DB_USER | The username of the administrator account in the MySQL Account Management schema |
API_DB_PASSWORD | The password of the administrator account in MySQL Account Management schema |
API_DB_CONNECTION_URL | jdbc:mysql//(MySQL Server IP/DNS Name):(MySQL Server Port)/(MySQL Account Management Schema)?characterEncoding=UTF-8 |
EAM_IDP_BASE_URI | The Keycloak URI/auth |
EAM_IDP_TOKEN_ENDPOINT | The Keycloak URI/auth/realms/id of the realm/protocol/openid-connect/token |
EAM_IDP_REALM | The id of the Realm |
EAM_IDP_CLIENT_ID | eam |
EAM_IDP_CLIENT_SECRET | The secret generated when configured Keycloak |
EAM_IDP_ADMIN_REALM | master |
EAM_IDP_ADMIN_CLIENT_ID | admin-cli |
EAM_IDP_ADMIN_USERNAME | The administrator username |
EAM_IDP_ADMIN_PASSWORD | The administrator password |
EAM_AUTH_JWT_PRIVATE_KEY | The JWT private key. For more information, see the Infrastructure Requirements section |
EAM_AUTH_JWT_PUBLIC_KEY | The JWT public key shared with Elastic Path Commerce. For more information, see the Infrastructure Requirements section |
STUDIO_LOGIN_REDIRECT_URL | The Keycloak URL to which the storefront redirects when you login. For example, https://<KEYCLOAKURL>/auth/realms/<REALM ID>/protocol/openid-connect/auth) |
STUDIO_LOGOUT_REDIRECT_URL | The Keycloak URL to which the storefront redirects when you logout, https://<KEYCLOAKURL>/auth/realms/<REALM ID>/protocol/openid-connect/logout |
Warning: the the API_DB_USER
, API_DB_PASSWORD
and API_DB_CONNECTION_URL
are used to populate an extensible markup language (XML) file and so will need to be XML encoded (e.g., serverTimezone=UTC&characterEncoding=UTF-8
)
Validate API Service Deployment
- In a browser, navigate to
https://(Account Management API URL)/studio
- Open the Authentication section and click Authenticate
- Log in as the seller administrator created in the Deploying and Configuring Keycloak step
- The system redirects you to Account Management Studio
- Click Entry Points
- In the Server Defaults field, click associates
- The system displays a successful Helix response consisting of a pagination element and
results: 0
, indicating that:- The Account Management API setup is complete
- The Keycloak and Account Management API integration is successful
- The system displays a successful Helix response consisting of a pagination element and