Integrating with IBM Sterling Order Management System Software certified containers over phase 2

Edit online

Configure the integration properties, custom overrides properties, and generate a JSON Web Token to integrate Sterling Intelligent Promising with Sterling Order Management System Software containers.

Configure the integration between IBM® Sterling Order Management System Software certified containers and IBM Sterling Intelligent Promising. For more information, see Enabling Sterling Inventory Visibility integration for Sterling Order Management System Software.

Configure the following set up properties in System Management Administration (SMA) for enabling V2 mode.

iv_integration.IVApiVersion=v2
iv_integration.nodeAvailability.apiUrl=/v2/availability/node/
iv_integration.networkAvailability.cached.apiUrl=/v2/availability/network/
iv_integration.nodeAvailability.cached.apiUrl=/v2/availability/node/
iv_integration.reservations.apiUrl=/v2/reservations/

Ensure that the following properties are added to the customer overrides properties file.

iv_integration.tenantId: default
iv_integration.clientId: DEFAULT
iv_integration.secret: DEFAULT
iv_integration.baseUrl: https://<SIPHOSTNAME>/inventory
iv_integration.authentication.mode: JWT

Select any of the following ways to generate JWT.
- By using IBM Sterling Order Management System Software certified containers private-public key pair
  1. Install the OMEnviroment by adding the following JWT property to common parameter. For more information, see Configuring common parameter.
```
     jwt:
       algorithm: RS512
       audience: service
       issuer: oms
```
    The private key is imported to the keystore and public key is copied to sharedCertificates in Persistent Volume. For example, <sharedDirectory/jwtauth/operator.pub>.
  2. Configure this public key in OMS Gateway as explained in Creating a JWT issuer secret by using a public key.
- By using your own private-public key pair
  1. Ensure that the following JWT properties are added to the customer overrides properties file.
```
yfs.yfs.jwt.create.issuer: oms
yfs.yfs.jwt.create.audience: service
yfs.yfs.jwt.create.expiration: <TIME in seconds>
yfs.yfs.jwt.create.pk.alias: operator
yfs.yfs.jwt.create.algorithm: RS512
yfs.yfs.jwt.create.userClaim: admin
```
  2. Copy the customer generated keystore (jks) into the shared directory of Persistent Volume. For example, /<SHARED_DIR>/jwtauth/jwt.jks.
  3. Configure the following JVM arguments properties for integration servers. The IV_ADJUST_IS and IV_ADJUST_ID integration servers require these JVM arguments.
```
jvmArgs:
  - groupName: IVJVMArgs
    propertyList:
      - -Dhttps.protocols=TLSv1.2
      - -Dcom.ibm.jsse2.overrideDefaultTLS=true
      - -Dycp.jwt.auth.keyStore=/opt/ssfs/runtime/jwt
      - -Dycp.jwt.auth.keyStorePassword=${keyStorePassword}
      - -Dycp.jwt.auth.trustStore=/opt/ssfs/runtime/jwt
```
  4. Install the OMEnviroment by skipping the JWT section in spec so that Sterling Order Management System Software uses the user provided key-pairs.
  5. Configure this public key in OMS Gateway as explained in Creating a JWT issuer secret by using a public key.
  Note:
  - The Sterling Order Management System Software expects the alias name to be 'operator'. Hence, when generating the key-pairs, ensure to use the alias name as 'operator'.
  - Ensure to use the same keyStorePassword that is specified in the secret (the secret that is specified in the Sterling Order Management System Software certified container configuration) when generating the key-pairs.
  - If you are using Sterling Intelligent Promising Operator certificate, ensure to add the root CA certificate [tls.crt] to the truststore of integration servers JVM.
  - If you are using your own certificate, ensure to add it to the truststore of integration servers JVM.