There are several ways to deploy the FusionAuth Role Manager.

• Local using the docker image

Or for a specific application like the Armadillo

• On a kubernetes cluster using a helm chart
• On VM’s using an Ansible Galaxy collection

The FusionAuth Role Manager needs the following properties at deploy time. These are all environment variables and need to be treated as such during the deployment of the service.

FusionAuth Role Manager specific properties

• SERVER_PORT=4000

  _{^{The default server port is 4000}}

• BASE_URL=http://localhost:4000

  _{^{The base url of the FusionAuth Role Manager}}

• REDIRECT_URI=http://localhost:4000/oauth-callback

  _{^{This is the redirect url for the service. Within an actual deployment it will be something like this: https://example.org/oauth-callback}}

• APP_SESSION_SECRET=xxxxxxxxxxx

  _{^{A random uuid to secure the deployment of the service}}

FusionAuth specific properties

• FUSION_API_TOKEN='xxxxxxxx'

  _{^{Fusion API token is generated in the FusionAuth for this application}}

• ISSUER_BASE_URL=https://auth.molgenis.org/

  _{^{Issuer base url is the baseurl of the FusionAuth tied to this application}}

• CLIENT_ID=xxxxxx-xxxxxxx-xxxxxxxx and CLIENT_SECRET=xxxxxxxxxxxxxxxxxxxxx

  _{^{ClientID and ClientSecret are used to identify the application within the FusionAuth server}}