Account Management API is now deprecated and we recommend that you use Account Management functionality built into Elastic Path Commerce 8.2 and later.
- Ensure that all requirements described in the Requirements section are met
- Ensure that you have the URLs for the Account Management user interface, the Account Management API, and Keycloak
- Ensure that Keycloak is configured and deployed.
- Ensure that the
secretvalues are available
- Ensure that the username and password with administrative access to the Master realm in Keycloak is available
- Ensure that the
- Ensure that you have access to the
account-management-2.0.x.zipfile in the Elastic Path Public Nexus repository
- Ensure that the MySQL compatible RDBMS service is provisioned, the schema is initialized, the username and password, and other connectivity details are available
Extract the files in the
Ensure that all contents including the
account-management-apifolder is extracted. This folder contains the code to build the Docker image.
On your computer, build the Docker image using
Push the Docker image to Amazon ECR (Elastic Container Registry).
Deploy the Docker image in Amazon ECS (Elastic Container Service) with appropriate settings.
For more information see the Docker Image Environment Variables section.
Docker Image Environment Variables
|The username of the administrator account in the MySQL Account Management schema
|The password of the administrator account in MySQL Account Management schema
jdbc:mysql//(MySQL Server IP/DNS Name):(MySQL Server Port)/(MySQL Account Management Schema)?characterEncoding=UTF-8
|The Keycloak URI/auth
|The Keycloak URI/auth/realms/id of the realm/protocol/openid-connect/token
|The id of the Realm
|A comma separated list of colon separated client_id and secret values generated when configuring keycloak (e.g.,
|The administrator username
|The administrator password
|The JWT private key. For more information, see the Infrastructure Requirements section
|The JWT public key shared with Elastic Path Commerce. For more information, see the Infrastructure Requirements section
|How long authentication tokens issued to use the Account Management API should be valid for, in seconds (recommendation 3600)
|The Keycloak URL to which the storefront redirects when you login. For example,
|The Keycloak URL to which the storefront redirects when you logout,
The values of
API_DB_CONNECTION_URL parameters are populated to an Extensible Markup Language (XML) file, so ensure that you use XML encoded values for these parameters. For example, instead of using the value,
serverTimezone=UTC&characterEncoding=UTF-8, use the XML encoded value
serverTimezone=UTC&characterEncoding=UTF8 for these parameters.
Validating API Service Deployment
In a browser, navigate to
https://(Account Management API URL)/studio.
Open the Authentication tab and click Authenticate.
Log in with the seller administrator credentials that you created in the Deploying and Configuring Keycloak step. The system redirects you to Account Management Studio.
In the right pane, click Entry Points.
In the Server Defaults field, click associates.
The system displays a successful Helix response consisting of a pagination element and
results: 0, indicating that:
- The Account Management API setup is complete
- The Keycloak and Account Management API integration is successful