The following describes how to the install the API Server.

To install the API Server

1. Launch autorun.exe from the root directory of the One Identity Manager installation medium.

2. On the start page of the installation wizard, switch to the Installation tab in the navigation on the left.

3. Click Install next to Web-based components.

   This starts the Web Installer.

4. On the Web Installer start page, click Install API Server.

5. Click Next.

6. On the Database connection page, do the following:

   TIP: One Identity recommends using an AppServer connection.

   • To use an existing connection to the One Identity Manager database, select it in the Select a database connection menu.

     - OR -

   • To create a new connection to the One Identity Manager database, click Add new connection and enter a new connection .

7. Select the authentication method and enter the login data for the database under Authentication method.

8. Click Next.

9. On the Installation source page, do the following:

   • To retrieve the installation data from the database, activate the Database option.

     - OR -

   • to retrieve the installation data from the installation media (for example, from the hard drive), activate the File system option and enter the path.

10. Configure the following settings on the Select setup target page.

    Table 33: Settings for the installation target

    Setting	Description
    Application name	Name used as application name, as in the title bar of the browser, for example.
    Target in IIS	Internet Information Services web page on which to install the application.
    Enforce SSL	Specifies whether the API Server web page can only be opened over an encrypted connection.
    URL	The application's Uniform Resource Locator (URL).
    Install dedicated application pool	Specifies whether an application pool is installed for each application. This allows applications to be set up independently of one another. If this option is set, each application is installed in its own application pool.
    Application pool	The application pool to use. This can only be entered if the option Install dedicated application pool is not set. If you use the default value DefaultAppPool, the application pool has the following syntax: <application name>_POOL
    Identity	Permissions for executing an application pool. You can use a default identity or a custom user account. If you use the ApplicationPoolIdentity default value, the user account has the following syntax: IIS APPPOOL\<application name>_POOL You can authorize another user by clicking ... next to the box, enabling the option Custom account and entering the user and password.
    Web authentication	Specifies the type for authentication against the web application. You have the following options: Windows authentication (single sign-on) The user is authenticated against the Internet Information Services using their Windows user account. The web application logs in the employee assigned to the user account as role-based. If single sign-on is not possible, the user is diverted to a login page. You can only select this authentication method is Windows authentication is installed. Anonymous Login is possible without Windows authentication. The user is authenticated against the Internet Information Services and the web application anonymously. The web application is rerouted to a login page.
    Database authentication	NOTE: You can only see this pane if you have selected a SQL database connection on the Database connection page. Specifies the type for authentication against the One Identity Manager database. You have the following options: Windows authentication The web application is authenticated against the One Identity Manager database with the same Windows user account that your application pool uses. Login is possible with a user-defined user account or a default identity for the application pool. SQL authentication Login is only possible through a user-defined user account. Authentication is done using user name and password. This access data is saved in the web application configuration as computer specific encrypted.

11. Click Next.

    If you have selected a direct database connection in step 4, the Select application server page appears. Application server data is required if you want to use full text search. You can enter the application server in the configuration file at a later date.

12. (Optional) Configure the following settings on the Select application server page.

    NOTE: If you would like to use the full text search, then you must specify an application server. You can enter the application server in the configuration file at a later date.

    1. Click Select application server.

    2. Enter the application server's web address in the URL field.

    3. Click OK.

13. On the Select application server page, click Next.

14. On the Set session token certificate page, select the certificate for creating and checking session tokens. Perform one of the following tasks:

    • To use an existing certificate:

      1. In the Session token certificate list, select Use existing certificate.

      2. Select an existing certificate from the Select certificate list.

    • To create a new certificate:

      1. In the Session token certificate list, select Create new certificate.

      2. In the Certificate issuer field, the name of the certificate issuer.

      3. Select the key length of the certificate from the Key length list.

    • To create a new certificate file:

      1. In the Session token certificate list, select Create new certificate file.

      2. In the Certificate issuer field, the name of the certificate issuer.

      3. Select the key length of the certificate from the Key length list.

      4. In the Certificate file field, enter the path and file name for the new certificate.

15. Click Next.

16. Specify the user account for automatic updating on the Set update credentials page by activating one of the following options:

    NOTE: The user account is used to add or replace files in the application directory.

    • Use IIS credentials for update: Set this option to use the user account used by the application pool to run updates.

    • Use other credentials for updates: To use a different user account, set this option. Specify the domain, the user name, and the user password.

17. Click Next.

18. On the Application token page, enter the application token for the API Server into the input field.

    TIP: To use a new token and therefore replace the existing token in the database, activate the option Replace the application token in the database. When doing so, note that the current token will become invalid and every location that uses it must be updated with the new token.

19. Click Next.

    The Setup is running page opens and shows the progress of each installation step.

20. Once installation is complete, click Next.

21. On the Wizard complete page, click Finish.

22. Close the autorun program.

Related topics

• Uninstalling the API Server