Build and Development Guide
This guide contains all the information required for successful deployment and running of Partner Management Portal. It includes information about the Database and roles.
DB scripts
Partner Management Service DB Scripts to be run: DB scripts
Keycloak Roles
mosip-pms-client
needs to have below roles in keycloak:
CREATE_SHARE
DEVICE_PROVIDER
PARTNER
PARTNER_ADMIN
PMS_ADMIN
PMS_USER
PUBLISH_APIKEY_APPROVED_GENERAL
PUBLISH_APIKEY_UPDATED_GENERAL
PUBLISH_CA_CERTIFICATE_UPLOADED_GENERAL
PUBLISH_MISP_LICENSE_GENERATED_GENERAL
PUBLISH_MISP_LICENSE_UPDATED_GENERAL
PUBLISH_OIDC_CLIENT_CREATED_GENERAL
PUBLISH_OIDC_CLIENT_UPDATED_GENERAL
PUBLISH_PARTNER_UPDATED_GENERAL
PUBLISH_POLICY_UPDATED_GENERAL
REGISTRATION_PROCESSOR
SUBSCRIBE_CA_CERTIFICATE_UPLOADED_GENERAL
ZONAL_ADMIN
view-users
(from realm-management roles)view-realm
(from realm-management roles)
Note: To add realm-management roles, you need to run the keycloak-init job
Config Changes
Add below property to partner-management-default.properties file in mosip-config repository to Deploy PMS Revamp 1.3.0-beta.1 release in your env.
## This property is used by kernel-authcodeflowproxy-api to check request is coming from allowed urls not.
auth.allowed.urls=https://${mosip.pmp.host}/
Setup guide for PMS Revamp with different Keymanager versions
This guide outlines the features available in PMS with different Keymanager versions. Features are enabled or disabled based on the specific Keymanager version.
Keymanager - v1.1.5
Download originally uploaded CA certificate
A new endpoint /v1/keymanager/getPartnerSignedCertificate/{partnerCertId}
has been introduced in Key Manager to download the original CA certificate. However, this endpoint is only available in the latest version of Key Manager. Therefore, this feature must be disabled in PMS to avoid failures or inconsistencies.
To disable this feature, add the following property to the partner-management-default.properties
file in the MOSIP config during deployment.
mosip.pms.ca.signed.partner.certificate.available=false
Download uploaded FTM Certificate
A new endpoint /v1/keymanager/getPartnerSignedCertificate/{partnerCertId}
has been introduced in Key Manager to download the original CA certificate. However, this endpoint is only available in the latest version of Key Manager. Therefore, this feature must be disabled in PMS to avoid failures or inconsistencies.
To disable this feature, add the following property to the partner-management-default.properties file in the MOSIP config during deployment.
mosip.pms.ca.signed.partner.certificate.available=false
Trust Certificates List
The endpoint /v1/keymanager/getCaCertificates
was added in the latest version of Key Manager to get the list of trusted certificates. It is not available in v1.1.5, so this feature must be disabled in PMS to avoid failures.
To disable this feature, add the following property to the partner-management-default.properties file in the MOSIP config during deployment.
mosip.pms.root.and.intermediate.certificates.available=false
Download Trust Certificate
The endpoint /v1/keymanager/getCACertificateTrustPath/{caCertId}
was introduced in the latest version of Key Manager to download the trust certificate. Since it is not available in v1.1.5, this feature must be disabled in PMS to avoid failures.
To disable this feature, add the following property to the partner-management-default.properties file in the MOSIP config during deployment.
mosip.pms.root.and.intermediate.certificates.available=false
OIDC
Since Esignet is not included in this version, the related feature should be disabled in PMS.
To disable this feature, add the following property to the partner-management-default.properties file in the MOSIP config during deployment.
mosip.pms.oidc.client.available=false
Email Templates
Email templates are not pre-loaded in Master Data Service. Global Admin must load the necessary templates manually as part of deployment process.
To load the email templates manually, please refer to the steps here.
Keymanager - v1.2.0.1
Download originally uploaded CA certificate
A new endpoint /v1/keymanager/getPartnerSignedCertificate/{partnerCertId}
has been introduced in Key Manager to download the original CA certificate. However, this endpoint is only available in the latest version of Key Manager. Therefore, this feature has to disabled in PMS to avoid failures.
To disable this feature, add the following property to the partner-management-default.properties file in the MOSIP config during deployment.
mosip.pms.ca.signed.partner.certificate.available=false
Download uploaded FTM Certificate
A new endpoint /v1/keymanager/getPartnerSignedCertificate/{partnerCertId}
has been introduced in Key Manager to download the original CA certificate. However, this endpoint is only available in the latest version of Key Manager. Therefore, this feature must be disabled in PMS to avoid failures or inconsistencies.
To disable this feature, add the following property to the partner-management-default.properties file in the MOSIP config during deployment.
mosip.pms.ca.signed.partner.certificate.available=false
Trust Certificates List
The endpoint /v1/keymanager/getCaCertificates
was added in the latest version of Key Manager to get the list of trusted certificates. It is not available in v1.2.0.1, So this feature must be disabled in PMS to avoid failures or inconsistencies.
To disable this feature, add the following property to the partner-management-default.properties file in the MOSIP config during deployment.
mosip.pms.root.and.intermediate.certificates.available=false
Download Trust Certificate
The endpoint /v1/keymanager/getCACertificateTrustPath/{caCertId}
was introduced in the latest version of Key Manager to download the trust certificate. Since it is not available in v1.2.0.1, this feature must be disabled in PMS to avoid failures or inconsistencies.
To disable this feature, add the following property to the partner-management-default.properties file in the MOSIP config during deployment.
mosip.pms.root.and.intermediate.certificates.available=false
OIDC
Esignet is available in this version, the related feature is enabled in PMS.
Email Templates
Email templates are not pre-loaded in Master Data Service. Global Admin must load the necessary templates manually as part of deployment process.
To load the email templates manually, please refer to the steps here.
Keymanager - v1.2.1.0
Download originally uploaded CA certificate
The endpoint /v1/keymanager/getPartnerSignedCertificate/{partnerCertId}
is available in keymanager v1.3.0-beta.2. So this feature is enabled in PMS.
Download uploaded FTM Certificate
The endpoint /v1/keymanager/getPartnerSignedCertificate/{partnerCertId}
is available in keymanager v1.3.0-beta.2. So this feature is enabled in PMS.
Trust Certificates List
The endpoint /v1/keymanager/getCaCertificates
was added in the latest version of Key Manager to get the list of trusted certificates. It is not available in v1.2.1.0, so this feature must be disabled in PMS to avoid failures or inconsistencies.
To disable this feature, add the following property to the partner-management-default.properties file in the MOSIP config during deployment.
mosip.pms.root.and.intermediate.certificates.available=false
Download Trust Certificate
The endpoint /v1/keymanager/getCACertificateTrustPath/{caCertId}
was introduced in the latest version of Key Manager to download the trust certificate. Since it is not available in v1.2.1.0, this feature must be disabled in PMS to avoid failures or inconsistencies.
To disable this feature, add the following property to the partner-management-default.properties file in the MOSIP config during deployment.
mosip.pms.root.and.intermediate.certificates.available=false
OIDC
Esignet is available in this version, the related feature is enabled in PMS.
Email Templates
Email templates are not pre-loaded in Master Data Service. Global Admin must load the necessary templates manually as part of deployment process.
To load the email templates manually, please refer to the steps here.
Keymanager - v1.3.0-beta.1
Download originally uploaded CA certificate
A new endpoint /v1/keymanager/getPartnerSignedCertificate/{partnerCertId}
has been introduced in Key Manager to download the original CA certificate. However, this endpoint is only available in the latest version of Key Manager. Therefore, this feature must be disabled in PMS to avoid failures.
To disable this feature, add the following property to the partner-management-default.properties file in the MOSIP config during deployment.
mosip.pms.ca.signed.partner.certificate.available=false
Download uploaded FTM Certificate
A new endpoint /v1/keymanager/getPartnerSignedCertificate/{partnerCertId}
has been introduced in Key Manager to download the original CA certificate. However, this endpoint is only available in the latest version of Key Manager. Therefore, this feature must be disabled in PMS to avoid failures.
To disable this feature, add the following property to the partner-management-default.properties file in the MOSIP config during deployment.
mosip.pms.ca.signed.partner.certificate.available=false
Trust Certificates List
The endpoint /v1/keymanager/getCaCertificates
was added in the latest version of Key Manager to get the list of trusted certificates. It is not available in v1.3.0-beta.1, so this feature must be disabled in PMS to avoid failures.
To disable this feature, add the following property to the partner-management-default.properties file in the MOSIP config during deployment.
mosip.pms.root.and.intermediate.certificates.available=false
Download Trust Certificate
The endpoint /v1/keymanager/getCACertificateTrustPath/{caCertId}
was introduced in the latest version of Key Manager to download the trust certificate. Since it is not available in v1.3.0-beta.1, this feature must be disabled in PMS to avoid failures.
To disable this feature, add the following property to the partner-management-default.properties file in the MOSIP config during deployment.
mosip.pms.root.and.intermediate.certificates.available=false
OIDC
Esignet is available in this version, the related feature is enabled in PMS.
Email Templates
Email templates are not pre-loaded in Master Data Service. Global Admin must load the necessary templates manually as part of deployment process.
To load the email templates manually, please refer to the steps here.
Keymanager - v1.3.0-beta.2
Download originally uploaded CA certificate
The endpoint /v1/keymanager/getPartnerSignedCertificate/{partnerCertId}
is available in keymanager v1.3.0-beta.2. So this feature is enabled in PMS.
Download uploaded FTM Certificate
The endpoint /v1/keymanager/getPartnerSignedCertificate/{partnerCertId}
is available in keymanager v1.3.0-beta.2. So this feature is enabled in PMS.
Trust Certificates List
The endpoint /v1/keymanager/getCaCertificates
is available in keymanager v1.3.0-beta.2. So this feature is enabled in PMS.
Download Trust Certificate
The endpoint /v1/keymanager/getCACertificateTrustPath/{caCertId}
is available in keymanager v1.3.0-beta.2. So this feature is enabled in PMS.
OIDC
Esignet is available in this version, the related feature is enabled in PMS.
Email Templates
Email templates are not pre-loaded in Master Data Service. Global Admin must load the necessary templates manually as part of deployment process.
To load the email templates manually, please refer to the steps here.
Last updated
Was this helpful?