JanssenProject · ossdhaval · Jul 3, 2024 · Jun 24, 2024 · Jun 24, 2024 · Jul 1, 2024
diff --git a/docs/admin/config-guide/janssen-fido2-configuration.md b/docs/admin/config-guide/janssen-fido2-configuration.md
@@ -7,131 +7,150 @@ tags:
 
 # Janssen FIDO2 Configuration
 
-> Prerequisite: Know how to use the Janssen CLI in [command-line mode](config-tools/jans-cli/README.md)
+The Janssen Server provides multiple configuration tools to perform these 
+tasks.
 
-Using Janssen CLI, You can `get/update` Fido2 properties.
-To get the information of Janssen Fido2 CLI, run the following command:
+=== "Use Command-line"
 
+    Use the command line to perform actions from the terminal. Learn how to 
+    use Jans CLI [here](./config-tools/jans-cli/README.md) or jump straight to 
+    the [Using Command Line](#using-command-line)
+
+=== "Use Text-based UI"
+
+    Use a fully functional text-based user interface from the terminal. 
+    Learn how to use Jans Text-based UI (TUI) 
+    [here](./config-tools/jans-tui/README.md) or jump straight to the
+    [Using Text-based UI](#using-text-based-ui)
+
+=== "Use REST API"
+
+    Use REST API for programmatic access or invoke via tools like CURL or 
+    Postman. Learn how to use Janssen Server Config API 
+    [here](./config-tools/config-api/README.md) or Jump straight to the
+    [Using Configuration REST API](#using-configuration-rest-api)
+
+##  Using Command Line
+
+
+In the Janssen Server, you can deploy and customize the FIDO2 Configuration using the
+command line. To get the details of Janssen command line operations relevant to
+FIDO2 Configuration, you can check the operations under `Fido2Configuration` task using the
+command below:
+
+
+```bash title="Command"
+/opt/jans/jans-cli/config-cli.py --info Fido2Configuration
 ```
-/opt/jans/jans-cli/config-cli.py --info ConfigurationFido2
 
+It will show the details of the available operation-ids for Fido2.
+
+```text title="Sample Output"
 Operation ID: get-properties-fido2
-  Description: Gets Jans Authorization Server Fido2 configuration properties.
+  Description: Gets Jans Authorization Server Fido2 configuration properties
 Operation ID: put-properties-fido2
-  Description: Updates Fido2 configuration properties.
-  Schema: /components/schemas/JansFido2DynConfiguration
+  Description: Updates Fido2 configuration properties
+  Schema: Fido2:AppConfiguration
 
-To get sample shema type /opt/jans/jans-cli/config-cli.py --schema <schma>, for example /opt/jans/jans-cli/config-cli.py --schema /components/schemas/JansFido2DynConfiguration
+To get sample schema type /opt/jans/jans-cli/config-cli.py --schema <schema>, for example /opt/jans/jans-cli/config-cli.py --schema Fido2:AppConfiguration
 ```
 
-Table of Contents
-=================
+### Get The Current Fido2 Configuration
 
-* [Janssen FIDO2 Configuration](#janssen-fido2-configuration)
-  * [Find FIDO2 Configuration Properties](#find-fido2-configuration-properties)
-  * [Update FIDO2 Configuration Properties](#update-fido2-configuration-properties)
+To get the properties of Janssen Fido2 Configuration, run the command below:
 
-## Find FIDO2 Configuration Properties
-
-To get the properties of Janssen Fido2 Configuration, run below command:
-`/opt/jans/jans-cli/config-cli.py --operation-id get-properties-fido2`
+```bash title="Command"
+/opt/jans/jans-cli/config-cli.py --operation-id get-properties-fido2
+```
 
 It will return the result as below:
 
-```text
-Getting access token for scope https://jans.io/oauth/config/fido2.readonly
+```json title="Sample Output" linenums="1"
 {
-  "issuer": "https://testjans.gluu.com",
-  "baseEndpoint": "https://testjans.gluu.com/fido2/restv1",
+  "issuer": "https://jans-project.lxd",
+  "baseEndpoint": "https://jans-project.lxd/jans-fido2/restv1",
   "cleanServiceInterval": 60,
   "cleanServiceBatchChunkSize": 10000,
-  "useLocalCache": false,
-  "disableJdkLogger": false,
-  "loggingLevel": "DEBUG",
+  "useLocalCache": true,
+  "disableJdkLogger": true,
+  "loggingLevel": "INFO",
   "loggingLayout": "text",
-  "externalLoggerConfiguration": null,
   "metricReporterInterval": 300,
   "metricReporterKeepDataDays": 15,
-  "metricReporterEnabled": false,
+  "metricReporterEnabled": true,
   "personCustomObjectClassList": [
     "jansCustomPerson",
     "jansPerson"
   ],
+  "superGluuEnabled": false,
+  "sessionIdPersistInCache": false,
+  "oldU2fMigrationEnabled": true,
+  "errorReasonEnabled": false,
   "fido2Configuration": {
-    "authenticatorCertsFolder": null,
-    "mdsCertsFolder": null,
-    "mdsTocsFolder": null,
-    "serverMetadataFolder": null,
+    "authenticatorCertsFolder": "/etc/jans/conf/fido2/authenticator_cert",
+    "mdsCertsFolder": "/etc/jans/conf/fido2/mds/cert",
+    "mdsTocsFolder": "/etc/jans/conf/fido2/mds/toc",
+    "checkU2fAttestations": false,
+    "userAutoEnrollment": false,
+    "unfinishedRequestExpiration": 180,
+    "authenticationHistoryExpiration": 1296000,
+    "serverMetadataFolder": "/etc/jans/conf/fido2/server_metadata",
+    "requestedCredentialTypes": [
+      "RS256",
+      "ES256"
+    ],
     "requestedParties": [
       {
-        "name": null,
-        "domains": []
+        "name": "https://jans-project.lxd",
+        "domains": [
+          "jans-project.lxd"
+        ]
       }
     ],
-    "userAutoEnrollment": false,
-    "unfinishedRequestExpiration": null,
-    "authenticationHistoryExpiration": null,
-    "requestedCredentialTypes": []
+    "skipDownloadMdsEnabled": false,
+    "skipValidateMdsInAttestationEnabled": false,
+    "assertionOptionsGenerateEndpointEnabled": true
   }
 }
+
 ```
 
-## Update FIDO2 Configuration Properties
+### Update FIDO2 Configuration Properties
 
-To perform this operation, let's check the schema first.
+To update the configuration follow the steps below.
 
-```text
-/opt/jans/jans-cli/config-cli.py --schema /components/schemas/JansFido2DynConfiguration > /tmp/fido2-schema.json
-```
+1. [Get the current configuration](#get-the-current-fido2-configuration) and store it into a file for editing
+2. Edit and update the desired configuration values in the file while keeping other properties and values unchanged. Updates must adhere to the `Fido2:AppConfiguration` schema as mentioned [here](#using-command-line). The schema details can be retrieved using the command below. The schema defines what values and datatypes are acceptable for each property value.
+ ```text title="Command"
+ /opt/jans/jans-cli/config-cli.py --schema Fido2:AppConfiguration
+ ```
+3. Use the updated file to send the update to the Janssen Server using the command below
+ ```bash title="Command"
+  /opt/jans/jans-cli/config-cli.py --operation-id put-properties-fido2 \
+  --data /tmp/conf-data.json
+ ```
+ Upon successful execution of the update, the Janssen Server responds with updated configuration.
 
-This command will create a fido2 schema file on `/tmp/`. You can edit this file depending on the requirements:
 
-![janssen fido2 configuration](../../assets/image-cl-fido2-update-03042021.png)
+##  Using Text-based UI
 
-Now let's do the operation:
+In the Janssen Server, You can manage FIDO2 Configuration using 
+the [Text-Based UI](./config-tools/jans-tui/README.md) also.
 
-```text
-/opt/jans/jans-cli/config-cli.py --operation-id put-properties-fido2 --data /tmp/fido2-schema.json
+You can start TUI using the command below:
 
-Getting access token for scope https://jans.io/oauth/config/fido2.write
-Server Response:
-{
-  "issuer": "https://server.example.com/",
-  "baseEndpoint": "https://server.example.com/fido2/restv1",
-  "cleanServiceInterval": null,
-  "cleanServiceBatchChunkSize": null,
-  "useLocalCache": false,
-  "disableJdkLogger": false,
-  "loggingLevel": "INFO",
-  "loggingLayout": null,
-  "externalLoggerConfiguration": null,
-  "metricReporterInterval": null,
-  "metricReporterKeepDataDays": null,
-  "metricReporterEnabled": true,
-  "personCustomObjectClassList": [],
-  "fido2Configuration": {
-    "authenticatorCertsFolder": null,
-    "mdsCertsFolder": null,
-    "mdsTocsFolder": null,
-    "serverMetadataFolder": null,
-    "requestedParties": [
-      {
-        "name": null,
-        "domains": null
-      },
-      {
-        "name": null,
-        "domains": null
-      }
-    ],
-    "userAutoEnrollment": true,
-    "unfinishedRequestExpiration": null,
-    "authenticationHistoryExpiration": null,
-    "requestedCredentialTypes": []
-  }
-}
+```bash title="Command"
+sudo /opt/jans/jans-cli/jans_cli_tui.py
 ```
 
-You may find that I have updated to `logginglabel:INFO` from `NULL`.
+Navigate to `FIDO` section where administrators can update dynamic and static
+configurations.
+
+
+![image](../../assets/tui-fido2-dynamic-configuration.png)
 
+## Using Configuration REST API
 
+Janssen Server Configuration REST API exposes relevant endpoints for 
+managing and configuring the FIDO2 Configuration. Endpoint details 
+are published in the [Swagger document](./../reference/openapi.md).
diff --git a/docs/assets/tui-fido2-Static-configuration.png b/docs/assets/tui-fido2-Static-configuration.png
diff --git a/docs/assets/tui-fido2-add-party.png b/docs/assets/tui-fido2-add-party.png
diff --git a/docs/assets/tui-fido2-dynamic-configuration.png b/docs/assets/tui-fido2-dynamic-configuration.png