• Home
• App Integrations
• Setup miniOrange Access Gateway

Setup miniOrange Access Gateway

---

A step-by-step guide to installing and configuring miniOrange Access Gateway (MAG) for secure access and authentication.

System Requirements

miniOrange access Gateway server has the following system requirements.

• Operating System: Linux or Windows operating system that runs minimum Java 11
• CPU Core: 4 Core
• RAM: 16GB and above
• HDD: 20GB or above
• JAVA Environment: jdk11
• Server Access Policies: Port 80 (HTTP Port), Port 443 (HTTPS PORT), Port 8181 for MAG dashboard
• Database: MongoDB

Install miniOrange Access Gateway

Follow the steps to deploy the miniOrange Access gateway server on your operating system:

• Windows Installer
• Linux Installer

Pre-requisites:

• miniOrange Access Gateway - [Link to download]
• Java 11 [Link to download]
• MongoDB [Link to download]

Download Required Files:

• Set Environment variable for mongodb.
• MONGOSH : C:\Program Files\MongoDB\mongosh-2.0.1-win32-x64\bin
• Double-click to run the downloaded installer (exe) file.
• If your MongoDB path is correctly set, Click Ok.



• Click Install.



• After successful Installation, click ok.



• After installation, you will be directly redirected to below.

Pre-requisites:

• miniOrange Access Gateway- [Link to download.]
• Java 11 [Link to download]
• MongoDB [Link to download]

Download Required Files:

• Check MongoDB is installed and in active status.



• Run the downloaded installer (sh) file using the command below.

Follow the Step-by-Step Guide given below for Miniorange Access Gateway Setup

1. Sign up with miniOrange Access Gateway

• Click here to log into your miniOrange account.

  (Don’t have an account? No worries! Click here to create one.)

• Open your browser and go to: http://localhost:8181/login
• This will take you to the MAG login page.



• Enter your credentials just as you would with your miniOrange cloud account.
• Click on the Login button.
• After successful authentication, you will see the dashboard.

2. Configure Upstream Servers

• Enter the Upstream Group Name.
• Click on the Add Server button.
• Enter the Server Details.
• Click on Save.

  Upstream Group Details:

  Group Name	Enter a unique name for the Group of Upstream Servers.
  Load Balancing	Disabled by default. Can be enabled only if more than one active (enabled) server is present in the group. Select Load Balancing Policy from the dropdown.

• Click on Add Upstream Server Group button.





• Enter the Group Name.
• Click on Add Server to add the application's IP address to your upstream group.



• Fill in the Server Details.

  Scheme	Select the scheme/protocol used to access the your Application Server. This field can only have one value either HTTP or HTTPS.
  Host	The FQDN or IP Address of your Application Server.
  Port	The Port on which the your Application Server is listening.

• To configure multiple Upstream servers, click Add Server again and enter the Server Details.



• Enable the Load Balancing toggle and select the load-balancing algorithm from the Policy Name dropdown.

  Note: Load Balancing can only be enabled if at least 2 servers are enabled.

  
  
  
  
• Click on the Save button.

3. Add Authentication

• Navigate to the Authentication Providers section.
• Click the Add Authentication Provider button.



• Select the protocol your IDP supports.

• SAML
• OAuth

If SAML is Selected:

• Enter the Identity Provider name and click Save.

  Note: miniOrange Access Gateway metadata will be provided per application.

  
  



• In Upload IDP Metadata, upload the file provided by miniOrange.



• Click Save.

If OAuth is Selected:

• Fill in the details as provided by IDP.



• Click Save.

4. Add Application

• In the Apps section, click Add Application.



• Choose the appropriate Application Type from the list.

  Note: If your application isn't listed, select Custom Application to configure it manually.

  
  

  Basic Details:

  Application Name	Enter a unique name to identify Application.
  Hostname	FQDN on which this Access Gateway Application will be accessed.
  Server	Select the Access Gateway Server from the dropdown where you want to deploy the application.
  Request Caching	Enable or disable Request Caching. If enabled, specify the URL paths for which responses should be cached on the browser side.





Note: The Hostname entered above must have a DNS entry pointing to the server on which miniOrange Access Gateway is deployed.



• Route Details:

  Path	Defines the request URL pattern (e.g. /jde/owhtml, /*) that this route will handle. Supports exact paths or wildcards.
  Interceptors	A list of interceptors that process the request before it's forwarded. You can add, remove, or reorder them.
  Authentication Provider Name	Select the name from the list of configured Authentication Providers . This option will be enabled only if SAMLAuth Interceptor is present.
  Upstream Group	Select the name from the list of configured Upstream Groups where the request should be forwarded.





Predefined-Interceptor Type	Function
SAML	Forces SAML Authentication before forwarding the request to upstream server.
Catch Cookies	Fetch cookies from the request and add these to the corresponding response from upstream server.
Session Logout	Destroys the session of the user in Access Gateway
Clear Cache	Disable Caching

5. Configure Interceptor

• Go to Interceptors and click on Add Interceptor.




Note: Interceptors are components which act like filters, that process incoming requests before they are forwarded to the Upstream Server.






Interceptor Type	Function
Header	Adds headers to request as specified in the configuration.
Redirect	Redirects to specified url instead of forwarding the request to upstream server.
Request Verification	Performs actions based on the configured verifiers.
JWT	Must be used after an Authentication Interceptor (SAML/OAuth). This interceptor generates a JWT token and appends it to the URL path where the interceptor is applied.

6. Configure Server

• Go to Servers and click on Add Server.



• Fill in the Server Details:

  HTTP	Enable this button if you want to allow Access Gateway to run on HTTP
  Port	Enter the Port number that the Access Gateway will listen on for HTTP Requests
  HTTPS	Enable this button if you want to allow Access Gateway to run on HTTPS
  SSL Port	Enter the SSL Port number that the Access Gateway will listen on for HTTPS Requests
  Keystore Type	Type of keystore used for SSL Certificates (JKS, PKCS12, PEM)
  Upload Keystore	If Keystore Type is JKS / PKCS12, then upload keystore files with extensions .jks, .p12, .pfx
  Upload PEM Certificate	If Keystore Type is PEM, then upload file with .pem extension
  Upload Private Key	If Keystore Type is PEM, then upload private key with .pem extension




• Click on Save to save the configurations.

Note: After creating a server, go to the Applications section, click Edit on the desired application, and select the server where the application should be deployed.

Dashboard

On the Admin Dashboard, you can view configuration summaries, monitor server health status, and inspect live request traffic.

License Upgrade

• Click on Upgrade License.



• Choose the License file provided by miniOrange and click on Upload.

Accessing the Gateway

• Open a browser.
• Enter the gateway URL: https://custom.xecurify.com/login.