This is a live document. If you encounter issues, please let us know via the #incommon-midpoint Internet2 Slack channel or via email to


This page shows how to get started with a Docker image for the midPoint component of the InCommon Trusted Access Platform.


In order to set up and run this container and associated demonstrations, you need a Linux machine with a reasonably recent Docker  installation. The most advanced demo/grouper optionally uses an LDAP browser, e.g. Apache Directory Studio that itself requires Java. The LDAP browser is really optional. It is used only to check that LDAP objects are created correctly. You can safely proceed without it.

Also, make sure appropriate ports are available on the host machine. They are listed in the documentation to individual demonstrations.

Getting started (simple demo)

The image cannot be "run" by itself as it requires a midPoint repository - i.e. an SQL database - to execute. So the easiest way to start dockerized midPoint is to use one of the provided demonstrations. The most logical choice for just getting started with midPoint is demo/simple.

$ git clone
$ cd midPoint_container/demo/simple
$ docker compose up

After starting

After docker compose up command successfully finishes you should see something like this on the console:

midpoint_server | 2024-05-24 07:23:53,374 [] [main] INFO (com.evolveum.midpoint.web.boot.MidPointSpringApplication): Started MidPointSpringApplication in 22.246 seconds (process running for 23.944)

Now you can log into midPoint using https://localhost:8080/midpoint URL, with an user of administrator and a password of Test5ecr3t.The default password is configured using environmental variable in docker-compose.yml. See Administrator Initial Password documentation for details.

Beyond the simple demo

Besides the midPoint image itself, and the simple demo discussed above, the project contains demonstrations that integrate midPoint with selected other components

Demonstration Instruction PagesDescription
demo/simpleThe simplest use of midPoint: just running it along with a dockerized PostgreSQL repository.
demo/shibboleth-apache-spShows how to use midPoint with the TAP Shibboleth SP container and Shibboleth IdP.
demo/shibboleth-midpoint-spShows how to use midPoint with Shibboleth IdP using SAML2 SP bundled with midPoint.
demo/grouperThis is a demonstration of the use of midPoint image in a wider environment consisting of Grouper, Shibboleth, LDAP directory, and sample source and target systems.

Configuring the containers (general information)

All the demos are trying to use existing containers with only configuration in the docker-compose.yml file, whenever possible. That enables you to simply use upstream containers without need of building and maintaining your own.

Especially for midPoint and related containers everything build on top of vanilla images, therefore you can fully use all information from midPoint's documentation. To start with midPoint in containers there are recommended documentation pages:

Documentation pageDescription

MidPoint Quick Start Guide

Quick start with midPoint. Also explaining basic docker commands.
MidPoint In ContainerGeneric description of midPoint in containers, including deployment diagram.
Customization in Container EnvironmentDetailed description of possible customization in containers. This page will also describe most of the settings done in docker-compose.yml files in the individual demos.

MidPoint images used for InCommon Trusted Access Platform are build on Rocky Linux. You will find other options in the midPoint documentation, but Rocky Linux is recommended for TAP.

ARM images are available as experimental. Feedback from using them at midPoint working group or at #incommon-midPoint slack channel will be appreciated and will help to decide the next steps with ARM support.

Guiding requirements for this project: TIER Docker Container Specification

  • No labels