Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

How can I find the OAuth secrets generated by Jazz setup?


Installed the LQE application into an existing CLM setup containing JTS, CCM, QM, RM, DCC and Report Builder. The installation went fine and everything was working. 

Then I tried to add the LQE as a data source in Report Builder.  Couldn't find the consumer secret that was used by Jazz Setup (I know it's hidden for a reason...), so I changed the secret on the JTS Consumer page and was able to register the Data Source with the new Secret.

Then - LQE started throwing Unauthorized errors.  Not surprising since I changed the secret. So I went into lqe.properties, changed lqe.config.Mode to true and restarted LQE.  Changed the Secret on the Config page when it came up and everything appeared good.

Now - all Data Sources that connect through JTS (jts and rm) are busted.  Once again, this is not surprising.  Before I fix these though, this seems like an awful lot of work.   How can I find the original OAuth secret?  I look in all the config files I could think of.  Or is it just not in a file for security reasons?

Thanks,
Fran Kemp


0 votes



One answer

Permanent link
 Hi Fran,

I don't know of any easy way to find the consumer secret that is used when you register an app in Jazz Setup.  However, if LQE and Report Builder are registered with the same JTS, you don't need to manually add the LQE data source (and so, you don't need to know the consumer secret).  Instead, to add the LQE data source, go into the Report Builder admin page (rs/setup), and click on "Connect to data sources".  This will add the LQE data source (if it didn't already exist).

0 votes

Comments

Alanna,

This is the first time that I've ever added LQE to an existing Jazz server - didn't realize that the "Connect to data sources" button would add the LQE data source automagically.  Wish I would have tried that!  :)   Please have that added to the documentation if it isn't already there.

I got everything working after changing the secret so it's all good but I will try it your way next time. 

More of a general question - but why hide the automatically generated secrets?  I understand the security issues but legit admins will need them on occasion.

Thanks,
Fran


I don't know why there isn't some way for an administrator to retrieve the secrets generated during set up (though as you point out, this would be subject to security restrictions).  I can say that I've almost never come across a scenario where those values are needed - there is usually a way to automatically set up communication between apps on the same JTS without needing to know the secret (as in the Connect to Data Sources example).

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details
× 7,566
× 2,369
× 73
× 36

Question asked: May 26 '16, 4:15 p.m.

Question was seen: 4,103 times

Last updated: Jun 01 '16, 9:47 a.m.

Confirmation Cancel Confirm