To install the LinOTP service, follow the steps below.
The Docker service is required to run the LinOTP service.
Portainer is an optional UI to manage the Docker service easily.
The LinOTP service only works with MariaDB; you can use the MariaDB container or an existing MariaDB database in your environment.
- Dockerhub: https://hub.docker.com/_/mariadb
Configure the external service
Create linotp database
It is required to create the linotp database.
Create table usertable
After the installation of MariaDB and the creation of the database, it is required to create this table to allow Soffid to manage users.
Add a user/pass and grants
The user/pass will be used when the linotp container is created.
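The database and account steps above, as an added example that is not part of the original page: it creates the linotp database and a dedicated account whose grants are scoped to that database only. The account name `linotp_app`, the host pattern and the password are placeholders chosen for illustration; the usertable definition is not covered here.

```sql
-- Added example; run as a MariaDB administrative user.
-- Only the database name "linotp" comes from this guide. The account
-- name, host pattern and password are hypothetical placeholders.

CREATE DATABASE IF NOT EXISTS linotp;

-- A dedicated account for the LinOTP container instead of reusing root.
-- '172.18.0.%' is a constructed example of a Docker bridge subnet;
-- replace it with the address range the container really connects from.
CREATE USER IF NOT EXISTS 'linotp_app'@'172.18.0.%'
    IDENTIFIED BY 'REPLACE_WITH_A_LONG_RANDOM_PASSWORD';

-- Grant on the linotp schema only (never ON *.*), so a leaked
-- credential cannot read or alter other databases on the same server.
GRANT ALL PRIVILEGES ON linotp.* TO 'linotp_app'@'172.18.0.%';

-- List the account's grants to confirm nothing broader than linotp.* was given.
SHOW GRANTS FOR 'linotp_app'@'172.18.0.%';

-- Check that no other host entry (for example '%') exists for the same name.
SELECT User, Host FROM mysql.user WHERE User = 'linotp_app';
```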
Create LinOTP container
Create the soffid/linotp container: https://hub.docker.com/r/soffid/linotp
- Publish port 443 of the container to 1443
To access the LinOTP web console: https://localhost:1443/manage
- The user is admin and the password is the one configured previously as the environment attribute ADMIN_PASSWORD
Create SQL Resolver
In the LinOTP web console go to: Configuration LinOTP > UserIdResolvers > New (button) > SQL (type)
Now use the attributes below:
This is the attribute mapping:
Create a Realm
Mapping to the agent to manage LinOTP users
Finally, to manage user accounts with LinOTP, it is required to create a REST agent against the LinOTP service with the following mapping.
The mapping: agent-configuration-linotp.xml
Enable the service in Soffid
After installing and configuring the service, you should include it in the Soffid configuration.
Follow the steps in Authentication methods#EnableLinOTPintegration and then the next section, Authentication methods#SecondFactorAuthenticationconfiguration.