RapidIdentity Product Guides - 2019 Rolling Release

RapidIdentity

The RapidIdentity Interface provides 7 additional interfaces:

RI_Appliance_Config_Screen.png

Status

The RapidIdentity Status interface provides the option to Stop or Restart RapidIdentity at the process level. 

Appliance_Status.png

The Restart option can be used after making changes to configuration options in the CLI or through the RapidIdentity Appliance Home page. This option is equivalent to clicking the blue curved arrow in the Cluster tab.

The Stop option is helpful when making changes that affect RapidIdentity globally, such as an uninstall-reinstall of the Local Database or LDAP Server.

Main Database

The Main Database menu item lists the currently configured database. Selecting this option opens a submenu with 7 additional items.

  1. Type

  2. Host

  3. Port

  4. Database/Schema

  5. Username

  6. Password

  7. Advanced

Main_Database_1.png

Selecting options 2-6 opens a prompt for administrators to change the value of the corresponding field. The Advanced menu item directs administrators to the rapididentity.properties configuration file.

Selecting the Type menu option allows administrators to change the main RapidIdentity Database. The currently supported database types are MySQL, PostgreSQL, and MSSQL.

Main_Database_2.png

If the Main Database is changed, it is necessary to Restart RapidIdentity for the change to take effect.

MySQL Driver

The MySQL driver can be installed after the initial RapidIdentity installation.

Audit Database

The Audit Database interface allows administrators to determine whether a specific database should be used for audit. 

Audit_Database_1.png

The default setting is False, which means that the local database is used for audit.

If the Audit Database is changed, it is necessary to Restart RapidIdentity for the change to take effect.

Start-At-Boot

The Start-At-Boot configuration allows RapidIdentity to start when the operating system is started.

For example, if RapidIdentity is hosted on an AWS EC2 instance and Start-At-Boot is enabled, RapidIdentity starts once the instance has passed its startup checks. At that point RapidIdentity is available immediately from the command line, and it becomes accessible from a browser after a few minutes.

The default setting is enabled. To disable this configuration, select the option and confirm.

Start_At_Boot.png

Capabilities

The Capabilities menu item allows administrators to define the currently available capabilities. Selecting this option opens a prompt to edit Capabilities.  

Appliance_Capabilities_1.png

The end result is that the rapididentity.properties capabilities value is updated.

Appliance_Capabilities_2.png

Capabilities can be configured to be inclusive or exclusive by adding a prefix of "+" or "-", respectively.

Each component in the table corresponds to a RapidIdentity Component, except for "admin", which refers to Appliance.

Table 219. Components

| Component  | UI            | Jobs            |
|------------|---------------|-----------------|
| admin      | admin.ui      | admin.jobs      |
| connect    | connect.ui    | connect.jobs    |
| federation | federation.ui | federation.jobs |
| folders    | folders.ui    | folders.jobs    |
| portal     | portal.ui     | portal.jobs     |



Folders Notes

If the environment is not pointing to Active Directory, the folders capabilities are automatically disabled since RapidIdentity Folders is specific for Windows-based home or group shared folders.

The advantage of this functionality in a unified RapidIdentity is that RapidIdentity back end processes are not dedicated to a component that isn't applicable. Therefore, RapidIdentity can run more efficiently.

The wildcard "all" can be used as a prefix in three possible ways, each as either an inclusion or an exclusion. The "all" wildcard does not include api.explorer.

  1. all: includes or excludes every UI and Job capability

  2. all.ui: includes or excludes every UI capability

  3. all.jobs: includes or excludes every Job capability

Inclusions and exclusions are processed in the order they occur and result in adding or removing from the set of capabilities.

  • If the list is empty, then the all capability group is used.

  • If the list starts with an exclusion, then the initial set is the all capability group.

  • If the first item in the list is an inclusion, the initial set starts as empty.

  • Including or excluding a top-level capability also includes or excludes all its subordinates (e.g. connect includes connect, connect.ui and connect.jobs).

  • Including a subordinate implies inclusion of its superior (e.g. federation.ui includes Federation).

  • Excluding a subordinate does not imply exclusion of its superior.

  • Including or excluding a group is equivalent to including or excluding each of the individual members of the group.

Table 220. Additional Capability Examples

| Capability                                 | Description                                                                  |
|--------------------------------------------|------------------------------------------------------------------------------|
| capabilities=                              | Includes all capabilities except api.explorer.                               |
| capabilities=all                           | Includes all capabilities except api.explorer.                               |
| capabilities=admin,connect                 | Includes admin, admin.ui, admin.jobs, connect, connect.ui, and connect.jobs. |
| capabilities=-folders                      | Includes all capabilities except api.explorer and folders.                   |
| capabilities=portal,-portal.jobs,federation | Includes portal, portal.ui, federation, federation.ui, and federation.jobs.  |
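The resolution rules and the Table 220 examples above, worked through as an added example (this is not RapidIdentity's own code): a small resolver that applies the rules in order, so an administrator can check which capabilities a proposed capabilities value enables before restarting. It assumes an item without a prefix is an inclusion, as the table's examples imply, and it keeps any name outside Table 219, such as the API explorer capability, verbatim.

```python
COMPONENTS = ("admin", "connect", "federation", "folders", "portal")  # Table 219
KINDS = ("ui", "jobs")


def expand(name):
    """Return the individual capabilities that one list item stands for."""
    head, _, kind = name.partition(".")
    if name == "all":
        return [cap for c in COMPONENTS for cap in (c, f"{c}.ui", f"{c}.jobs")]
    if head == "all" and kind in KINDS:          # all.ui / all.jobs
        return [f"{c}.{kind}" for c in COMPONENTS]
    if name in COMPONENTS:                       # top level brings its subordinates
        return [name, f"{name}.ui", f"{name}.jobs"]
    # A subordinate (connect.ui), or a name outside Table 219 such as the
    # API explorer capability: kept verbatim (assumption of this example).
    return [name]


ALL = frozenset(expand("all"))


def resolve(value):
    """Resolve the text after 'capabilities=' into the enabled set."""
    items = [i.strip() for i in value.split(",") if i.strip()]
    if not items:
        return set(ALL)                          # empty list: the all group
    enabled = set(ALL) if items[0].startswith("-") else set()
    for item in items:                           # processed in order
        exclude = item.startswith("-")
        name = item[1:] if item[0] in "+-" else item   # no prefix: inclusion (assumed)
        for cap in expand(name):
            if exclude:
                enabled.discard(cap)             # the superior is left alone
            else:
                enabled.add(cap)
                parent, _, kind = cap.partition(".")
                if parent in COMPONENTS and kind in KINDS:
                    enabled.add(parent)          # subordinate implies its superior
    return enabled


if __name__ == "__main__":
    for value in ("", "all", "admin,connect", "-folders",
                  "portal,-portal.jobs,federation", "-all.ui", "federation.ui"):
        print(f"capabilities={value}\n  -> {sorted(resolve(value))}")
```

Running it against a proposed value before the restart makes it easy to confirm that components the deployment does not need stay disabled.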



Accessing Swagger-defined APIs via the api_explorer Capability

The api_explorer capability provides access to the publicly available RapidIdentity API.

It is necessary to include the api_explorer capability to access the Swagger-defined APIs, as shown in the rapididentity.properties screenshot above.

After the api_explorer capability is added and saved, the Swagger-defined APIs can be accessed by following these three steps.

  1. Open a browser tab and type this address: https://<hostname or IP address>/api.

  2. Click the Swagger link, which will be in this format: https://<hostname or IP address>/api/rest/api-docs?url=/api/rest/swagger.json.

    1. This URL can be bookmarked for convenience. However, if the api_explorer capability is disabled and the Swagger URL is accessed, the browser returns all Swagger-defined APIs as one JSON string.

  3. The Swagger-defined APIs may take a moment to load. This behavior is normal and expected. Once loaded, the APIs appear as shown. 

    Appliance_Capabilities_3.png

SSL/TLS Profile

The SSL/TLS Profile menu item defines which SSL Profile should be used with RapidIdentity. Selecting this option opens a prompt to edit the profile.

The end result is that the rapididentity.properties tomcat.sslProfile value is updated.

Advanced

The Advanced menu item directs administrators to the rapididentity.properties configuration file.