Skip to content

Commit 6e2d7c6

Browse files
padamstxpadamstx
committed
docs: add clarification about IAM token service endpoint
1 parent c3eb101 commit 6e2d7c6

File tree

1 file changed

+18
-0
lines changed

1 file changed

+18
-0
lines changed

Authentication.md

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -198,6 +198,15 @@ form:
198198
- URL: (optional) The base endpoint URL of the IAM token service.
199199
The default value of this property is the "prod" IAM token service endpoint
200200
(`https://iam.cloud.ibm.com`).
201+
Make sure that you use an IAM token service endpoint that is appropriate for the
202+
location of the service being used by your application.
203+
For example, if you are using an instance of a service in the "production" environment
204+
(e.g. `https://resource-controller.cloud.ibm.com`),
205+
then the default "prod" IAM token service endpoint should suffice.
206+
However, if your application is using an instance of a service in the "staging" environment
207+
(e.g. `https://resource-controller.test.cloud.ibm.com`),
208+
then you would also need to configure the authenticator to use the IAM token service "staging"
209+
endpoint as well (`https://iam.test.cloud.ibm.com`).
201210

202211
- ClientId/ClientSecret: (optional) The `ClientId` and `ClientSecret` fields are used to form a
203212
"basic auth" Authorization header for interactions with the IAM token server. If neither field
@@ -309,6 +318,15 @@ One of `IAMProfileName` or `IAMProfileID` must be specified.
309318
- URL: (optional) The base endpoint URL of the IAM token service.
310319
The default value of this property is the "prod" IAM token service endpoint
311320
(`https://iam.cloud.ibm.com`).
321+
Make sure that you use an IAM token service endpoint that is appropriate for the
322+
location of the service being used by your application.
323+
For example, if you are using an instance of a service in the "production" environment
324+
(e.g. `https://resource-controller.cloud.ibm.com`),
325+
then the default "prod" IAM token service endpoint should suffice.
326+
However, if your application is using an instance of a service in the "staging" environment
327+
(e.g. `https://resource-controller.test.cloud.ibm.com`),
328+
then you would also need to configure the authenticator to use the IAM token service "staging"
329+
endpoint as well (e.g. `https://iam.test.cloud.ibm.com`).
312330

313331
- ClientId/ClientSecret: (optional) The `ClientId` and `ClientSecret` fields are used to form a
314332
"basic auth" Authorization header for interactions with the IAM token service. If neither field

0 commit comments

Comments
 (0)