In this guide, we will integrate Ironchip with Boundary to add a layer of security by using Ironchip's passwordless login. ## Requirements - Have a deployed Boundary - Have access to the Ironchip panel
Boundary
Go to Authentication Methods.
Create a new method using OIDC.
-png.png?width=688&height=415&name=Untitled%20(39)-png.png)
Give it an identifying name and enter something random in Client ID and Client Secret so it lets you save, we will modify it later.
-png.png?width=682&height=749&name=Untitled%20(40)-png.png)
In the API URL Prefix section, enter the access address to Boundary. Upon saving, it will return a URL that we will use in Ironchip.
-png.png?width=682&height=224&name=Untitled%20(42)-png.png)
On the Ironchip panel, create a new OIDC application and write down the URL obtained.
- Download the document with the necessary IDs.
- Add the users you want to the application.
-png.png?width=626&height=786&name=Untitled%20(43)-png.png)
-png.png?width=679&height=381&name=Untitled%20(44)-png.png)
Back in Boundary, enter this data in the corresponding fields.
-png.png?width=685&height=665&name=Untitled%20(45)-png.png)
And finally, add the following fields to their corresponding place. (See image)
-png.png?width=686&height=811&name=Untitled%20(46)-png.png)
Common errors
- The docker machine is unable to resolve the domain ironchip.com, add it to the /etc/hosts file of the domain resolution machine.
- When checking the issuer, **https://idp.ironchip.com/oidc/** appears and an error occurs, remove the / at the end to correct it.
Verification
To verify its operation, simply log out and log back in with the Ironchip option.
Enter the credentials of the user added to the Ironchip application, and authorize through the mobile or desktop app notification.
-png.png?width=290&height=285&name=Untitled%20(47)-png.png)
If you want to, add these credentials to the Boundary administrator to have permissions with this user.