Deploy FoxIDs in your Azure tenant.
The Azure deployment include:
masterbranch with Kudu. When the branch is updated an automatically deployment update is initiated with webhooks. Deployment updates is automatically promoted from the test slots to the production slots. In a production environment It is recommended to chanting the production promotion to manually initiated.
FoxIDs relay on Sendgrid to send emails to the users for account verification and password reset.
You can optionally configure a Sendgrid from email address and Sendgrid API key in the Azure deployment configuration. You can either create Sendgrid in Azure or directly on Sendgrid, there are more free emails in an Azure manage Sendgrid.
Remember to setup up domain authentication in Sendgrid for the from email.
A Sendgrid from email address and API Key can at a later time be configure per track.
After successfully deployment open FoxIDs Control Client on
https://foxidscontrolxxxxxxxxxx.azurewebsites.net (the app service starting with foxidscontrol...) which brings you to the master tenant.
The default admin user is:
[email protected]with password:
FirstAccess!(you are required to change the password on first login)
Create your one admin users with a valid email address and grant the users the admin role 'foxids:tenant.admin'.
Key Vault soft deleted If you have deleted a previous deployment the Key Vault is only soft deleted and sill exist with the same name for some months. In this case you can experience getting a 'ConflictError' with the error message 'Exist soft deleted vault with the same name.'.
The solution is to delete (purge) the old Key Vault, which will release the name.
You can upload risk passwrods in FoxIDs Control Client master tenant on the Risk Passwords tap.
SHA-1 pwned passwords
ordered by prevalence from haveibeenpwned.com/passwords.
Be aware that it takes some time to upload all risk passwords. This step can be omitted and postponed to later.
The risk passwords are uploaded as bulk which has a higher consumption. Please make sure to adjust the Cosmos DB provisioned throughput (e.g. to 20000 RU/s) temporarily.
It is possible to run the sample applications after they are configured in a FoxIDs track. The sample configuration can be added with the sample seed tool.
The FoxIDs and FoxIDs Control domains can be customized.
Important: change the primary domain before adding tenants.
FoxIDs default domain is
https://foxidsxxxx.azurewebsites.net which can be changed to a custom a domain like e.g.
FoxIDs Control default domain is
https://foxidscontrolxxxx.azurewebsites.net which can be changed to a domain like e.g.
Custom domains are configured in Azure portal on the FoxIDs App Service and the FoxIDs Control App Service production slot under the
Custom domains tab and by clicking the
Add custom domain link. The FoxIDs site support one primary domain and multiple secondary domains, where the FoxIDs Control only support one primary domain.
Additionally primary custom domain configuration:
Partiesmenu and under
Down Partiesselect click
OpenID Connect - foxids_control_clientand click
Show advanced settings.
Allow CORS originslist without a trailing slash.
Redirect URIslist including the trailing
If you have added tenants before changing the primary domain, the
OpenID Connect - foxids_control_clientconfiguration have to be done in each tenant.
Applications settingssub tab:
Settings:FoxIDsEndpointis changed to the FoxIDs sites primary custom domains.
Settings:FoxIDsControlEndpointis changed to the FoxIDs Control sites primary custom domains.