Deploy Account Management API Service
note
Account Management API is now deprecated and we recommend that you use Account Management functionality built into Elastic Path Commerce 8.2 and later.
Pre-requisites
- Ensure that all requirements described in the Requirements section are met.
- Ensure that you have the URLs for the Account Management user interface, the Account Management API, and Keycloak.
- Ensure that Keycloak is configured and deployed.
- Ensure that the
client id
andsecret
values are available. - Ensure that the username and password with administrative access to the Master realm in Keycloak is available.
- Ensure that the
- Ensure that you have access to the
account-management-2.2.x.zip
file in the Elastic Path Public Nexus repository. - Ensure that the MySQL compatible RDBMS service is provisioned, the schema is initialized, the username and password, and other connectivity details are available.
Procedure
Extract the files in the
account-management-2.2.x.zip
.Ensure that all contents including the
account-management-api
folder is extracted. This folder contains the code to build the Docker image.On your computer, build the Docker image using
account-management-api/Dockerfile
.Push the Docker image to Amazon ECR (Elastic Container Registry).
Deploy the Docker image in Amazon ECS (Elastic Container Service) with appropriate settings.
For more information see the Docker Image Environment Variables section.
Docker Image Environment Variables
Parameter | Value |
---|---|
API_DB_USER | The username of the administrator account in the MySQL Account Management schema |
API_DB_PASSWORD | The password of the administrator account in the MySQL Account Management schema |
API_DB_CONNECTION_URL | jdbc:mysql//(MySQL Server IP/DNS Name):(MySQL Server Port)/(MySQL Account Management Schema)?characterEncoding=UTF-8 |
API_FELIX_WEBCONSOLE_USERNAME | The username of the administrator account for the Felix OSGi Web Console |
API_FELIX_WEBCONSOLE_PASSWORD | The password of the administrator account for the Felix OSGi Web Console |
AM_IDP_BASE_URI | The Keycloak URI/auth |
AM_IDP_TOKEN_ENDPOINT | The Keycloak URI/auth/realms/id of the realm/protocol/openid-connect/token |
AM_IDP_REALM | The id of the Realm |
AM_IDP_CLIENTS | A comma separated list of colon separated client_id and secret values generated when configuring keycloak (e.g., am_ui:4c3a0c25-9cc2-44d8-bca5-5a3e14db1062,studio:7a5be9fc-c96e-4518-ad62-490fe1bdeb9c,storefront:ce102713-750d-494a-84e2-dd3516462001 ) |
AM_IDP_ADMIN_REALM | master |
AM_IDP_ADMIN_CLIENT_ID | admin-cli |
AM_IDP_ADMIN_USERNAME | The administrator username |
AM_IDP_ADMIN_PASSWORD | The administrator password |
AM_AUTH_JWT_PRIVATE_KEY | The JWT private key. For more information, see the Infrastructure Requirements section |
AM_AUTH_JWT_PUBLIC_KEY | The JWT public key shared with Elastic Path Commerce. For more information, see the Infrastructure Requirements section |
AM_AUTH_TOKEN_LIFETIME_SECONDS | How long authentication tokens issued to use the Account Management API should be valid for, in seconds (recommendation 3600) |
STUDIO_LOGIN_REDIRECT_URL | The Keycloak URL to which the storefront redirects when you login. For example, https://<KEYCLOAKURL>/auth/realms/<REALM ID>/protocol/openid-connect/auth) |
STUDIO_LOGOUT_REDIRECT_URL | The Keycloak URL to which the storefront redirects when you logout, https://<KEYCLOAKURL>/auth/realms/<REALM ID>/protocol/openid-connect/logout |
Validating API Service Deployment
In a browser, navigate to
https://(Account Management API URL)/studio
.Open the Authentication tab and click Authenticate.
Log in with the seller administrator credentials that you created in the Deploying and Configuring Keycloak step. The system redirects you to Account Management Studio.
In the right pane, click Entry Points.
In the Server Defaults field, click associates.
The system displays a successful Helix response consisting of a pagination element and
results: 0
, indicating that:- The Account Management API setup is complete.
- The Keycloak and Account Management API integration is successful.