How to monitor the server
The Connect2id server offers administrators and engineers a number of methods to monitor its service, performance and health:
A monitoring web API with over 100 metrics as well as backend database connection health-checks. The server can be configured to make those metrics available via JMX.
The metrics include:
- user sign-on activity, failed authentications, denied authorisations;
- active user sessions;
- user session creation, retrieval and expiration;
- access token issue;
- client registrations;
- usage of the individual OAuth 2.0 grants (code, implicit, refresh token, etc).
- cluster size.
JMX monitoring of the Infinispan data grid and the individual maps / caches maps in it, such as hit / miss rates, cluster members and size.
The session store web API for checking how many and which users are currently online.
The authorisation store web API for monitoring and inspecting persisted authorisations.
The persisted client registrations, long-lived authorisations and other data can also be inspected in the database where they have been stored:
For an RDBMS with a generic SQL client, or vendor specific client like MySQL Workbench or pgAdmin;
For an LDAP database, with an LDAP client or browser, such as Apache Directory Studio.
- The server logs.
Documentation
- Quick start
- Datasheet
- Configuration
- Standard endpoints
- Integration
- Guides
- Release notes
- Roadmap
-
Old versions
- Connect2id server 4.x
- Connect2id server 5.x
-
Connect2id server 7.x - 9.x
- Quick start
- Datasheet
- Configuration
- Standard endpoints
- Integration
-
Guides
- Run in Docker
- Deployment checklist
- FAPI checklist
- Non-localhost evaluation
- Two tier caching with Redis
- TLS termination proxy setup
- Global DynamoDB tables
- Multitenancy
- Data migration
- LDAP directory setup
- LDAP backend migration
- OpenLDAP schema update
- OpenDJ records migration
- Login page integration
- Logout UI integration
- OAuth scopes
- Access token
- eKYC / Identity Assurance
- Identity federation
- Identity federation in mobile apps
- User session timeouts
- Account switching
- Custom OAuth grants
- Client-based sessions
- Client registration
- Initial access token for client registration
- Client authentication
- OpenID Connect claims
- Pairwise subject IDs
- Load balancing and health checks
- Clustering in AWS
- Interpreting Infinispan / JGroups logs
- Monitoring
- Key login metrics
- Detect and purge disused clients
- Roadmap
- Connect2id server 6.x
- Connect2id server 2.x
- Connect2id server 3.x