Account Management

2.0.x

Deploy Account Management API Service

note

Account Management API is now deprecated and we recommend that you use Account Management functionality built into Elastic Path Commerce 8.2 and later.

Pre-requisites

  • Ensure that all requirements described in the Requirements section are met
  • Ensure that you have the URLs for the Account Management user interface, the Account Management API, and Keycloak
  • Ensure that Keycloak is configured and deployed.
    • Ensure that the client id and secret values are available
    • Ensure that the username and password with administrative access to the Master realm in Keycloak is available
  • Ensure that you have access to the account-management-2.0.x.zip file in the Elastic Path Public Nexus repository
  • Ensure that the MySQL compatible RDBMS service is provisioned, the schema is initialized, the username and password, and other connectivity details are available

Procedure

  1. Extract the files in the account-management-2.0.x.zip.

    Ensure that all contents including the account-management-api folder is extracted. This folder contains the code to build the Docker image.

  2. On your computer, build the Docker image using account-management-api/Dockerfile.

  3. Push the Docker image to Amazon ECR (Elastic Container Registry).

  4. Deploy the Docker image in Amazon ECS (Elastic Container Service) with appropriate settings.

    For more information see the Docker Image Environment Variables section.

Docker Image Environment Variables

ParameterValue
API_DB_DRIVER_CLASSNAMEcom.mysql.jdbc.Driver
API_DB_USERThe username of the administrator account in the MySQL Account Management schema
API_DB_PASSWORDThe password of the administrator account in MySQL Account Management schema
API_DB_CONNECTION_URLjdbc:mysql//(MySQL Server IP/DNS Name):(MySQL Server Port)/(MySQL Account Management Schema)?characterEncoding=UTF-8
AM_IDP_BASE_URIThe Keycloak URI/auth
AM_IDP_TOKEN_ENDPOINTThe Keycloak URI/auth/realms/id of the realm/protocol/openid-connect/token
AM_IDP_REALMThe id of the Realm
AM_IDP_CLIENTSA comma separated list of colon separated client_id and secret values generated when configuring keycloak (e.g., am_ui:4c3a0c25-9cc2-44d8-bca5-5a3e14db1062,studio:7a5be9fc-c96e-4518-ad62-490fe1bdeb9c,storefront:ce102713-750d-494a-84e2-dd3516462001)
AM_IDP_ADMIN_REALMmaster
AM_IDP_ADMIN_CLIENT_IDadmin-cli
AM_IDP_ADMIN_USERNAMEThe administrator username
AM_IDP_ADMIN_PASSWORDThe administrator password
AM_AUTH_JWT_PRIVATE_KEYThe JWT private key. For more information, see the Infrastructure Requirements section
AM_AUTH_JWT_PUBLIC_KEYThe JWT public key shared with Elastic Path Commerce. For more information, see the Infrastructure Requirements section
AM_AUTH_TOKEN_LIFETIME_SECONDSHow long authentication tokens issued to use the Account Management API should be valid for, in seconds (recommendation 3600)
STUDIO_LOGIN_REDIRECT_URLThe Keycloak URL to which the storefront redirects when you login. For example, https://<KEYCLOAKURL>/auth/realms/<REALM ID>/protocol/openid-connect/auth)
STUDIO_LOGOUT_REDIRECT_URLThe Keycloak URL to which the storefront redirects when you logout, https://<KEYCLOAKURL>/auth/realms/<REALM ID>/protocol/openid-connect/logout
warning

The values of API_DB_USER, API_DB_PASSWORD and API_DB_CONNECTION_URL parameters are populated to an Extensible Markup Language (XML) file, so ensure that you use XML encoded values for these parameters. For example, instead of using the value, serverTimezone=UTC&characterEncoding=UTF-8, use the XML encoded value serverTimezone=UTC&amp;characterEncoding=UTF8 for these parameters.

Validating API Service Deployment

  1. In a browser, navigate to https://(Account Management API URL)/studio.

  2. Open the Authentication tab and click Authenticate.

  3. Log in with the seller administrator credentials that you created in the Deploying and Configuring Keycloak step. The system redirects you to Account Management Studio.

  4. In the right pane, click Entry Points.

  5. In the Server Defaults field, click associates.

    The system displays a successful Helix response consisting of a pagination element and results: 0, indicating that:

    • The Account Management API setup is complete
    • The Keycloak and Account Management API integration is successful
Last updated on 10/4/2022
PreviousDeploy User Interface