How to monitor the server

Administrators and devops engineers have a number of options to monitor the service provision, performance and health of a Connect2id server:

  1. A monitoring web API provides over 100 metrics as well as a number of health-checks for the backend database connections. The server can also be configured to make those metrics available via JMX.

    The metrics include:

    • user sign-on activity, failed authentications and denied authorisations;
    • active SSO sessions;
    • access token issue;
    • client registrations;
    • session creation, retrieval and expiration;
    • usage metrics about the individual OAuth 2.0 grants (code, implicit, refresh token, etc.).
  2. Direct JMX monitoring of the Infinispan container and the individual maps / caches maps in it, such as hit / miss rates, cluster members and size.

  3. The session store web API for checking how many and which users are currently online.

  4. The authorisation store web API for monitoring and inspecting the persisted authorisations.

  5. The persisted client registrations, long-lived authorisations and other data can also be inspected in the database where they have been stored:

    • For an RDBMS with a generic SQL client, or vendor specific client like MySQL Workbench or pgAdmin;

    • For an LDAP database, with an LDAP client or browser, such as Apache Directory Studio.
  6. The server logs.