Hi Troy,
Someone might correct me but I think that OIDC clients may be stored in different places depending on how they are created.
If you create a static OIDC client in the LMI, I think this will get created in the configuration DB. This is why you have to deploy the configuration and reload/restart the AAC runtime before they are active.
If you create a dynamic OIDC client (using APIs or via the .../mga/sps/mga/user/mgmt/html/create_client.html URL) then the client is created in the runtime database and is available for immediate use.
Jon.
------------------------------
Jon Harry
Consulting IT Security Specialist
IBM
------------------------------
Original Message:
Sent: Wed April 14, 2021 11:47 AM
From: Troy Burkle
Subject: Where does ISAM store OIDC Credentials?
Had a question asked to me and was not really sure the answer as I never really investigated it.
Where does ISAM store the OIDC Client_ID and Client_Secret? My first thought was the Config Database which we have running internally on postgres. Can someone confirm?
Troy
------------------------------
Troy Burkle
------------------------------