Installing AdminUI & IdentityServer

Installing the full AdminUI Beta: AdminUI & Test IdentityServer

If you do not already have a working IdentityServer installation up and running then this walkthrough is for you.

It uses the Docker compose file to install a Docker container that has images for AdminUI plus images for a test IdentityServer & database. It will get you up and running quickly with a full beta test environment.

Note, this environment will not persist data once the container stops running and is only suitable for basic testing.

This walkthrough will assume you already have Docker installed on your machine.

Starting Test Database

To get started, a SQL Server database can be deployed via Docker. This image is available at identityserverregistry.azurecr.io/idxdb and can be downloaded by first authenticating with the registry:

docker login identityserverregistry.azurecr.io

And then supplying the username and password provided as part of the beta program. Note: the password will not be echoed.

Now we can pull the image from the Docker registry:

docker pull identityserverregistry.azurecr.io/idxdb

To start the database we must first create a Docker network using:

docker network create -d bridge netstack

And now we can start the database container itself:

docker run -p 1500:1433 --network netstack -i -t identityserverregistry.azurecr.io/idxdb

This command will take 60 seconds to complete

Once the container has started correctly we can escape the bash prompt using ctrl+p, ctrl+q (Windows).

Finally, we need to find the IP address used by the database container. This will be used later by our IdentityServer and Admin API installations. So lets run:

docker network inspect netstack

And in the output there should be one container running with an IPv4Address. Save this address for now, we will be using it shortly. NB - please do not include the subnet mask after the forward slash, e.g. /16 is not required from the example below

IP Address to save

Docker Compose

Now we want to use a Docker Compose file that will start up our Admin UI, API and Demo IdentityServer, all of which will need to configured to use the database we just started.

We can do this with a docker-compose.yml file, consisting of the following:

version: "3"
services:
  ids:
    image: identityserverregistry.azurecr.io/ids
    ports:
      - "5003:5003"
    environment:
      - DbProvider=SqlServer
      - DbConnectionString=Data Source=w.x.y.z,1433;Initial Catalog=IdentityExpressDB;User ID=SA;Password=Welkom1234!
  client:
    image: identityserverregistry.azurecr.io/idsclient
    ports:
      - "5002:5002"
    environment:
      - AuthorityUrl=http://ids:5003
  web:
    image: identityserverregistry.azurecr.io/idxui
    ports: 
      - "5000:5000"
    environment:
      - UiUrl=http://localhost:5000
      - ApiUrl=http://localhost:5001
      - AuthorityUrl=http://ids:5003
  api:
    image: identityserverregistry.azurecr.io/idxapi
    ports:
      - "5001:5001"
    environment:
      - DbProvider=SqlServer
      - IdentityConnectionString=Data Source=w.x.y.z,1433;Initial Catalog=IdentityExpressDB;User ID=SA;Password=Welkom1234!
      - IdentityServerConnectionString=Data Source=w.x.y.z,1433;Initial Catalog=IdentityExpressDB;User ID=SA;Password=Welkom1234!
      - UiUrl=http://localhost:5000
      - ClientUrl=http://localhost:5002
      - AuthorityUrl=http://ids:5003
      - RunIdentityServerMigrations=true
networks:
  default:
    external:
      name: netstack

In this compose file, we can now replace the IP address in the two database connection strings with the IP address we retrieved earlier. E.g: Data Source=w.x.y.z,1433 becomes Data Source=172.21.0.2,1433.

Now we can run our Docker Compose file. Change directory to the folder that the docker-compose.yml file is located in, and then run the following command:

docker-compose up

First Use

Admin UI

You should now be able to access the IdentityExpress Admin UI on http://localhost:5000 and authenticate using the bootstrap credentials of: Username: info@rocksolidknowledge.com and Password: Password123!

Sample Client Application

A sample client application is also available on http://localhost:5002. This app displays the claims of an authenticated user, and is useful for testing creating users and claim configurations.