1
00:00:00,360 --> 00:00:06,840
Like we're discussing in the previous lecture, we had to create and claim to details and the user details

2
00:00:06,990 --> 00:00:14,030
so that we can start leveraging them inside what framework that we are going to implement in the scenario

3
00:00:14,370 --> 00:00:19,380
where like a Web application trying to invoke the EPA's present inside that resource, someone.

4
00:00:19,620 --> 00:00:20,400
So far the same.

5
00:00:20,670 --> 00:00:22,710
I came to the admin console.

6
00:00:22,950 --> 00:00:25,380
The real mechanism is a bank do.

7
00:00:25,590 --> 00:00:27,180
So I'm just clicking clients.

8
00:00:27,510 --> 00:00:29,490
So I'm trying to create a new client.

9
00:00:29,760 --> 00:00:31,680
That's why I'm clicking create here.

10
00:00:32,100 --> 00:00:37,050
So here claim to I.D. I will give you easy UI client.

11
00:00:37,320 --> 00:00:41,880
And definitely this also has to be open and reconnect and then click sale.

12
00:00:42,270 --> 00:00:45,840
So here we have to be very careful while choosing the options.

13
00:00:46,200 --> 00:00:53,040
Since we decided we have to use authorization code, a grant type, it is by default enabled, which

14
00:00:53,040 --> 00:00:54,510
is standard flow enabled.

15
00:00:54,720 --> 00:01:00,750
So you can see here this is the one which supports authorization, court of law, grant type insight

16
00:01:00,810 --> 00:01:07,460
or to framework and definitely access type should be confidential because you'll have a client daily

17
00:01:07,530 --> 00:01:08,760
and client secret.

18
00:01:09,120 --> 00:01:11,640
So with this convocations, we should be good.

19
00:01:11,830 --> 00:01:15,430
But we just have to add value redirect.

20
00:01:15,450 --> 00:01:16,500
You are also.

21
00:01:16,650 --> 00:01:20,130
For now, I'll just mention his sample redirect.

22
00:01:20,130 --> 00:01:21,090
You are evictees.

23
00:01:21,090 --> 00:01:21,930
History type.

24
00:01:22,320 --> 00:01:24,090
Local host.

25
00:01:24,180 --> 00:01:27,960
Eighty eighty one SLAs sample.

26
00:01:28,260 --> 00:01:29,790
So it can give you any redirect.

27
00:01:29,820 --> 00:01:30,650
You are fano.

28
00:01:30,840 --> 00:01:38,490
But in real world scenario, this is that important configuration that you had to configure properly.

29
00:01:38,550 --> 00:01:40,650
The reason is you are quick.

30
00:01:40,650 --> 00:01:47,970
Luxo will redirect the user after providing an access token to that redirect page.

31
00:01:48,210 --> 00:01:55,560
So this is the page which will stop hackers from hacking the access token, because by mentioning the

32
00:01:55,560 --> 00:02:03,390
redirect, you are you are bringing back the user from the key clock or to server page to your own server

33
00:02:03,390 --> 00:02:03,930
page.

34
00:02:03,990 --> 00:02:07,620
So that's why valid redirect uara is very important for now.

35
00:02:07,620 --> 00:02:10,639
I just configured localhost 88 one sample.

36
00:02:11,039 --> 00:02:14,470
So with this, we should be good with all the default configurations.

37
00:02:14,520 --> 00:02:19,470
I'm just clicking save here and I should have got credentials also.

38
00:02:19,770 --> 00:02:21,030
So we have credentials.

39
00:02:21,300 --> 00:02:29,280
Now, we created a successful client that I can use during or to operation code grant type.

40
00:02:29,490 --> 00:02:31,650
So now I knew end user also.

41
00:02:31,950 --> 00:02:34,340
So I'll create our user here.

42
00:02:34,350 --> 00:02:36,840
User name alue accounts.

43
00:02:37,230 --> 00:02:42,300
E-mail is accounts aderet easy bytes dot com.

44
00:02:42,630 --> 00:02:45,090
So the first name is account's.

45
00:02:45,240 --> 00:02:48,030
Last name is Easy Bytes.

46
00:02:48,330 --> 00:02:53,430
So here you also have an flexibility whether user should be enabled or disabled.

47
00:02:53,850 --> 00:02:59,730
Like if you have a scenario where you want to disable and user, you can use this feature to enable

48
00:02:59,730 --> 00:03:01,590
and disable by toggling it.

49
00:03:01,990 --> 00:03:06,360
Ah, you can also do that by invoking rest APIs exposed by the key clock.

50
00:03:06,570 --> 00:03:10,620
So for now, I am keeping the user enabled and email verified.

51
00:03:10,620 --> 00:03:11,500
Also, I'm keeping.

52
00:03:11,520 --> 00:03:11,940
Yes.

53
00:03:12,180 --> 00:03:14,730
I also have an option of adding him to a group.

54
00:03:15,030 --> 00:03:17,860
But for now, I don't want to add to any group.

55
00:03:17,880 --> 00:03:19,170
I'm just clicking sale.

56
00:03:19,380 --> 00:03:26,010
So once that user is created, you can go to credentials to set a password, which can be used as a

57
00:03:26,010 --> 00:03:28,160
temporary or permanent ways.

58
00:03:28,290 --> 00:03:30,960
So I'm just setting a password one, two, three, four, five.

59
00:03:31,380 --> 00:03:33,890
So this password, I don't want to be temporary.

60
00:03:33,900 --> 00:03:35,250
I want to be permanent.

61
00:03:35,610 --> 00:03:41,740
If you keep temporary, it will force the user to change it whenever they're trying to log in very first.

62
00:03:42,030 --> 00:03:48,600
So now, since it is five, just only for testing, I just disable the temporary do off and roll mapping.

63
00:03:48,600 --> 00:03:49,500
Also, we can give.

64
00:03:49,680 --> 00:03:52,530
So we have two types of rules, admin and user.

65
00:03:52,770 --> 00:03:58,260
So I'm just selecting add selector and I assign roles also to the user that I have created, just no

66
00:03:58,260 --> 00:03:59,280
witness accounts.

67
00:03:59,580 --> 00:04:05,190
So we can go and see all the users created, which is accounts like these are all the details that we

68
00:04:05,190 --> 00:04:10,470
provide a user name, email, first name, user name, email, verify.

69
00:04:10,650 --> 00:04:11,490
I'm Karen Schultz.

70
00:04:11,490 --> 00:04:14,940
Also, we said one, two, three, four, five previously.

71
00:04:15,210 --> 00:04:20,279
But if we want to change again and again, you can come on to the page and change role mappings will

72
00:04:20,279 --> 00:04:22,560
allow you to assign roles to the user.

73
00:04:22,800 --> 00:04:32,310
So this way we created a client and user details which we can use during attrition to grant a flow in

74
00:04:32,310 --> 00:04:33,150
the next lecture.

75
00:04:33,360 --> 00:04:41,730
Let's try to leverage this claim details and user details and test the or to authorization code grant

76
00:04:41,730 --> 00:04:49,290
type foster with the posthuman post that we can start integrating that with then Web application.

77
00:04:49,380 --> 00:04:49,830
Thank you.

78
00:04:49,830 --> 00:04:51,600
And then see you in that next lecture by.