rockcarver · vscheuber · Feb 4, 2026 · Feb 3, 2026 · Feb 3, 2026
diff --git a/package-lock.json b/package-lock.json
diff --git a/test/e2e/__snapshots__/conn-describe.e2e.test.js.snap b/test/e2e/__snapshots__/conn-describe.e2e.test.js.snap
@@ -1,12 +1,12 @@
 // Jest Snapshot v1, https://goo.gl/fbAQLP
 
-exports[`frodo conn describe "frodo conn describe http://openam-frodo-dev.classic.com:8080/am": should describe the classic connection 1`] = `
-"Host                  │http://openam-frodo-dev.classic.com:8080/am
-Deployment Type       │classic                                    
-Username              │amadmin                                    
-Password              │                                           
-Authentication Service│MockAmsterService                          
-Amster Private Key    │[present]                                  
+exports[`frodo conn describe "frodo conn describe http://openam-frodo-dev.amster.com:8080/am": should describe the classic connection 1`] = `
+"Host                  │http://openam-frodo-dev.amster.com:8080/am
+Deployment Type       │classic                                   
+Username              │amadmin                                   
+Password              │                                          
+Authentication Service│MockAmsterService                         
+Amster Private Key    │[present]                                 
 "
 `;
 

diff --git a/test/e2e/__snapshots__/conn-save.e2e.test.js.snap b/test/e2e/__snapshots__/conn-save.e2e.test.js.snap
@@ -1,9 +1,8 @@
 // Jest Snapshot v1, https://goo.gl/fbAQLP
 
-exports[`frodo conn save "frodo conn save --no-validate --private-key /home/user/am/security/keys/amster/amster_rsa --authentication-service MockAmsterService http://openam-frodo-dev.classic.com:8080/am": save new classic connection profile with private key and custom authentication service. 1`] = `
-"Error parsing private key from file /home/user/am/security/keys/amster/amster_rsa: ENOENT: no such file or directory, open '/home/user/am/security/keys/amster/amster_rsa'
-Advanced setting: Authentication Service: MockAmsterService
-Saved connection profile http://openam-frodo-dev.classic.com:8080/am
+exports[`frodo conn save "frodo conn save --no-validate --private-key test/fs_tmp/conn-save-pk --authentication-service MockAmsterService http://openam-frodo-dev.amster.com:8080/am": save new classic connection profile with private key and custom authentication service. 1`] = `
+"Advanced setting: Authentication Service: MockAmsterService
+Saved connection profile http://openam-frodo-dev.amster.com:8080/am
 "
 `;
 
@@ -12,8 +11,9 @@ exports[`frodo conn save "frodo conn save --no-validate --sa-id b672336b-41ef-42
 "
 `;
 
-exports[`frodo conn save "frodo conn save --no-validate http://openam-frodo-dev.classic.com:8080/am amAdmin Sup3rS3cr3t!": save new classic connection profile using an admin account. 1`] = `
-"Saved connection profile http://openam-frodo-dev.classic.com:8080/am
+exports[`frodo conn save "frodo conn save --no-validate http://openam-frodo-dev.amster.com:8080/am amAdmin undefined": save new classic connection profile using an admin account. 1`] = `
+"Advanced setting: Authentication Service: MockAmsterService
+Saved connection profile http://openam-frodo-dev.amster.com:8080/am
 "
 `;
 

diff --git a/test/e2e/conn-describe.e2e.test.js b/test/e2e/conn-describe.e2e.test.js
@@ -58,14 +58,15 @@
 import cp from 'child_process';
 import { promisify } from 'util';
 import { getEnv, removeAnsiEscapeCodes, testif } from './utils/TestUtils';
-import { connection as c, classic_connection as cc } from './utils/TestConfig';
+import { connection as c, amster_connection as cc } from './utils/TestConfig';
 
 const exec = promisify(cp.exec);
 
 process.env['FRODO_MOCK'] = '1';
 process.env['FRODO_CONNECTION_PROFILES_PATH'] =
     './test/e2e/env/Connections.json';
-const env = getEnv();
+const env = getEnv(c);
+const classicEnv = getEnv(cc);
 
 describe('frodo conn describe', () => {
     testif(process.env['FRODO_MASTER_KEY'] || process.env['FRODO_MASTER_KEY_PATH'])(
@@ -81,7 +82,7 @@ describe('frodo conn describe', () => {
         `"frodo conn describe ${cc.host}": should describe the classic connection`,
         async () => {
             const CMD = `frodo conn describe ${cc.host}`;
-            const { stdout } = await exec(CMD, env);
+            const { stdout } = await exec(CMD, classicEnv);
             expect(removeAnsiEscapeCodes(stdout)).toMatchSnapshot();
         }
     );
@@ -100,7 +101,7 @@ describe('frodo conn describe', () => {
         `"frodo conn describe --show-secrets ${cc.host}": should describe the classic connection and show the associated secrets`,
         async () => {
             const CMD = `frodo conn describe --show-secrets ${cc.host}`;
-            const { stdout } = await exec(CMD, env);
+            const { stdout } = await exec(CMD, classicEnv);
             //Don't test with snapshot, otherwise the snapshot would contain secrets. Instead, just check to make sure "[present]" doesn't exist anywhere.
             expect(removeAnsiEscapeCodes(stdout).includes("[present]")).toBeFalsy();
         }

diff --git a/test/e2e/conn-save.e2e.test.js b/test/e2e/conn-save.e2e.test.js
@@ -48,7 +48,7 @@
 import cp from 'child_process';
 import { promisify } from 'util';
 import {getEnv, removeAnsiEscapeCodes, testif} from './utils/TestUtils';
-import { connection as c, classic_connection as cc } from './utils/TestConfig';
+import { connection as c, amster_connection as cc } from './utils/TestConfig';
 import { writeFileSync, rmSync } from 'fs';
 
 const exec = promisify(cp.exec);
@@ -58,22 +58,26 @@ const connectionsSaveFile = './test/e2e/env/ConnectionsSave.json';
 process.env['FRODO_MOCK'] = '1';
 process.env['FRODO_CONNECTION_PROFILES_PATH'] =
   './test/e2e/env/ConnectionsSave.json';
-const env = getEnv();
+const env = getEnv(c);
+const classicEnv = getEnv(cc);
 
 const jwkFile = 'test/fs_tmp/conn-save-jwk.json';
+const pkFile = 'test/fs_tmp/conn-save-pk';
 
 beforeAll(() => {
   writeFileSync(jwkFile, c.saJwk);
+  writeFileSync(pkFile, cc.pk);
   writeFileSync(connectionsSaveFile, '{}');
 });
 
 afterAll(() => {
   rmSync(jwkFile);
+  rmSync(pkFile);
   rmSync(connectionsSaveFile);
 });
 
 describe('frodo conn save', () => {
-  testif(process.env['FRODO_MASTER_KEY'])(
+  testif(process.env['FRODO_MASTER_KEY'] || process.env['FRODO_MASTER_KEY_PATH'])(
     `"frodo conn save --no-validate ${c.host} ${c.user} ${c.pass}": save new connection profile using an admin account.`,
     async () => {
       const CMD = `frodo conn save --no-validate ${c.host} ${c.user} ${c.pass}`;
@@ -82,7 +86,7 @@ describe('frodo conn save', () => {
     }
   );
 
-  testif(process.env['FRODO_MASTER_KEY'])(
+  testif(process.env['FRODO_MASTER_KEY'] || process.env['FRODO_MASTER_KEY_PATH'])(
     `"frodo conn save --no-validate --sa-id ${c.saId} --sa-jwk-file ${jwkFile} ${c.host}": save new connection profile with existing service account and without admin account.`,
     async () => {
       const CMD = `frodo conn save --no-validate --sa-id ${c.saId} --sa-jwk-file ${jwkFile} ${c.host}`;
@@ -91,20 +95,20 @@ describe('frodo conn save', () => {
     }
   );
 
-  testif(process.env['FRODO_MASTER_KEY'])(
+  testif(process.env['FRODO_MASTER_KEY'] || process.env['FRODO_MASTER_KEY_PATH'])(
     `"frodo conn save --no-validate ${cc.host} ${cc.user} ${cc.pass}": save new classic connection profile using an admin account.`,
     async () => {
       const CMD = `frodo conn save --no-validate ${cc.host} ${cc.user} ${cc.pass}`;
-      const { stderr } = await exec(CMD, env);
+      const { stderr } = await exec(CMD, classicEnv);
       expect(removeAnsiEscapeCodes(stderr)).toMatchSnapshot();
     }
   );
 
-  testif(process.env['FRODO_MASTER_KEY'])(
-    `"frodo conn save --no-validate --private-key ${cc.pk} --authentication-service ${cc.authService} ${cc.host}": save new classic connection profile with private key and custom authentication service.`,
+  testif(process.env['FRODO_MASTER_KEY'] || process.env['FRODO_MASTER_KEY_PATH'])(
+    `"frodo conn save --no-validate --private-key ${pkFile} --authentication-service ${cc.authService} ${cc.host}": save new classic connection profile with private key and custom authentication service.`,
     async () => {
-      const CMD = `frodo conn save --no-validate --private-key ${cc.pk} --authentication-service ${cc.authService} ${cc.host}`;
-      const { stderr } = await exec(CMD, env);
+      const CMD = `frodo conn save --no-validate --private-key ${pkFile} --authentication-service ${cc.authService} ${cc.host}`;
+      const { stderr } = await exec(CMD, classicEnv);
       expect(removeAnsiEscapeCodes(stderr)).toMatchSnapshot();
     }
   );

diff --git a/test/e2e/env/Connections.json b/test/e2e/env/Connections.json
@@ -5,5 +5,11 @@
     "svcacctId": "912dcd07-421b-4ba9-b019-edbfe66a89be",
     "svcacctName": "Frodo-SA-1758728043147",
     "svcacctScope": "fr:idc:custom-domain:* fr:idc:release:* fr:idc:sso-cookie:* fr:am:* fr:autoaccess:* fr:idc:content-security-policy:* fr:idc:esv:* fr:idc:certificate:* fr:idm:* fr:idc:analytics:* fr:idc:cookie-domain:* fr:idc:promotion:*"
+  },
+  "http://openam-frodo-dev.amster.com:8080/am": {
+    "authenticationService": "MockAmsterService",
+    "deploymentType": "classic",
+    "encodedAmsterPrivateKey": "KDIStw+dszpCk127MKhNvSiVUkLVrKLZSgIInkonvWLdYyzI11xdGbBCXVIBYoMLQ6BNy0PCh+O8qTltOlxQn0uI9piZgrDfWPjPfIFjyCpUKZb8FexKaEG1WfTf8G83GpyV73F/pH9lY9e6eJFxA+YKaiYav+4SqKj+Orn3GOCZvKRMiP+WLsU/1SUun+xLiYHCWSCMbLQWAvddcJBfLxflR/c8HgJqmaWuE0DErx9r1Zfh4uikhm4oV9KcELuUMSvfQqTiodG38zuCm2gUbPrbCopRhWpZauTtFmLdwEeCmGTTXhg7Kcm21iHZTp8tGq/y1pM5lLnZziDY4r75h8Qr9h8hBxhZqxE7dW6MU50+0ReRk+gPGsP9dy99IFmZmWtupSMy5DlVIJd4IhFlcHfw8ZSd1nmiQGW2gU5y/YWAAMeKyFD5WGuL/JYnpvyp804CKu+yJpUauKHs1yHDHqB9SOojyJ1A6Q+clUfF3HsZ8L1B24EF9Y+CWmB3aXxILTzGavtQWcIUHlQrN0hVkUfjL9AyAGGdivI7nO9b7rhQhPYz0L72bCeSCq1BoC/gKqLjlWuFlSPxA5PQrh+MNedwi3kkIRoeFB8PvX5Yr0UuMlsnm3YE3WSGrK7lCM4zkaqKymufd2GiPrmIO2V+OV6ggUi0Y2vbnVF011A0RewAHKu7KycLtBBMe23axR6CL3eAVvwVVRCh9ic+ddeBfuH6JTGZrPQGsGHs1w4MHY6zT4U8JzL20rQmy9aGdSeaL+xRC5EHsYO7F/QWDM1tPyZ30IIg/vws3ohnqsTGTklimu7w3PcPvZPEEC+BFKrbeE3kl6TzoWADkf3787wzXLs+DUBgvz2ZHEyVkAUW+0hR716HwfJz+meA9xMYn2sqLA42BZsB/kvc5HmcWsHq0kpNyLdJFD1E8rpwEfxBu81kB1TSbDMQjPf3CzqsgXg6he8iOA4He+8JU6YnY010kV9nBEraiIBov9PfCIuJvNTg6Bh1jcqHIvm8bsbgbFp+hMCgiKP919sVIgl6RmI+D4T2SXpLKg/MyvL+hR2QvXFqG16F4bqecKMU56S/A6Mtrx88LqDQHGfJt4dTUhgGKuHWfWmoY7VpuhODJi5gxLlBKx+9QT3yQsa6d39UTsdFMhJmUY5zh7CSt9vOBq0Eqip1FutYWGmvWs/NQXU0wbiCnDc2bE7NRGqIy5EuEH+cxOJblPqIljse9oyW+4we7H4hiIDH75nVe/BpKLjLxh0bVXCrOcCTaZhPTvUWFwOCtdwnni4+x4qrIMXz50Y9NqNLrBgGOARojZxiI+sZKxaoJk3JKV60evprPxmLmevqCCbClgSEHm5XHa4c4aJnT4/P54vyUu4AdWyZ0sNBgD3toixL/mrhsKtr9jEPB9fAxVY3XpgXGJvbLlmw1fd2PlYqr0uZqbRouRHr4dLY5ATjZ4tEl1HZPyDsJC1CWEH6D0zDIeh/YO+bLcwUzB55dijBIzNZY5QTBohVihxrCMWX3srMxYBnwbof+lTOv7tAbpa9jRaq9RcSiamNdXjBenbzl3wx4cWgVez//ifDtJqcVwhMsNTa2w0HmtAz1tONlryw0Q+oHrMiOog3Exv0dHB6/yG/ea1DJHiNrClc8AQnmN0a8y+8FRf+e95xdcQDJDhO0cPCibXb0ZTXfkeZy1KFNtToxOfBYc8LVOWfvNwKJJRWFzof8Fko5AnmbKBz3447TWKl392sQRt0P0mPW1tKQ0TtiRfXCa2C7l9kfKqs0cglko5Y7TWIVVxFPNqFL+7CLql0aBXOrT2l9gPbY45g3EOiL34bHYKQtrxzyYO+76yHgd/3vOBFiTqNblKNY5BseX+iWEhDqI73Rl9t2NTmCaVdwaQVO5PbVb3TnfYUAzToOGRaOGKhtf24MSYk/oCvQqbXUPf+w84EysqUXqtO/ebf7FN2ih3GmV8qwr0kn3Hygz3Ymfc7sQ5abU5V/Mi1ca0ph/aWjRzq19e7Va7sfRMo2hO5b9I2jAogm5pbX23Qk0Xe3gtTz75l1x95kyzWASRmRVDNfrHsZkIWFFqQtoEkPQngMpWmbWnTWzHPXWIhmpDOryhRwVPqKOxGxwCOp6nFxP5WGz6Z693doPJKlQ7Hms0EJM0VXKNiq0mmzNYZfUoVmD8rt5aVm2/rZVgEG/AJnnXSwfH5YNwNeqzDFW3dbreOwpnKCVooiqTTcH4VQbj2tkAR8hiRhi/Nc1qVaZgqU3bRe0P8d+rKsekz44W77ZSIkHzigWlNrveSc680nfcqk5jlG/uaCURSyEL9yz8euk3I8KN11FU8wQ5XBM9thOtMpdvzGBYcaa5F5yz7IXu973ttlo4zT6xHiyY/XLKM8udah53q0YhsOXaf69mjrCI5CIWdBmZMlkS4gF/3GAA80r5xvkh0kSCFiWp82eXQ90OGIneYnXx6ScGh8UUzcSCeEvTZfVJGfN2nGb4HuaBFmfdMC2wu+Tpi+IoUiRpGlVQ3gl4kYJTcwHBP5NgQt8rJ5EuRLQSSpuvUUA7reDAyVbhuCwez6DV1lK7tdX4fJFtXqYxoRGPNhIUnarsV8yRsQkRtqig0nymDvG/ypU96W7pKUCdvqTu7vhFvLon4SZvrNiGcQFkKs3qG9XsvvJWjgt0g/7szbF1WDsCUbE/M+ah4sCjswQUsB53RWZ1oeyEO0z3Vek7O3VA48BXi1CVFEJstLpVeaXzFNnxuiFhB3pYcMPWCznzvd/O4UjA1RV1Q13roV+Rgg5J4WiX9huaQRB02nPuFHzJ6DFWdcr++oxjEBWaGPkwIrjald5Ns3k8GM+WEHJ+493vRffuyI4E7n+KmmyEYYCmoYlnilAZfUEQfEgBH+GwTQjxvY8WoR9oHoyZStqTt2yPu77heIzYBHX/KfKudaYZC7ulC/t7t8TYkDVZRsG4ZL0acbuo7kO8FhAKrxE1TkS0wIwJhJGCfYIgfZ73CvmEakwGhXTUZVOh3eQwPPINf73sZZZOC7XdjDbnArx/EnOL1/iSUuWHwn1/LiSC0XNsqtbPQul9GWJTLLA+lqJZjhbJl0OHQuvaaP5Nnq6IPVcgGDtxvUWXHl3j2LGZsvIxAAQEjw1jlunximOF13YjJDM4v6eEEN0YAPT7xRS+T7IvBqlf9LCbJcXaYUC4lWk8lm4LPePEbH1mVKi3SzAsbliEchI6sigAKoylBSnEL6Tx/t7TdLFYC3mrdfk9LuUs/2WVjl8JmLG9kqJosVNY7lZHA2RlxrE08+CD6qcVeWpfm6iwQ7C/FwOpQuXAwwW7YY9R9a5vS0SZb+loAre4NrtimXyyPANuZSCO2zYeCeo4wt77rUX0Tbjl/Ao57NzKDVlkMf9Z9rPiv2qjWPynn++P93nV4UObGyRRW4cOfl6UDW0UgM3aYIQR3NNfvr7QonoOfcgmdKD5+khCzgRBzi+YE0ldMkTv3L9X/JiVLFJBlM5HjJlJUlVs0g6Vo",
+    "username": "amadmin"
   }
 }
diff --git a/test/e2e/utils/TestConfig.js b/test/e2e/utils/TestConfig.js
diff --git a/test/e2e/utils/TestUtils.js b/test/e2e/utils/TestUtils.js
@@ -252,6 +252,8 @@ export function getEnv(connection = undefined) {
       ...(connection?.saJwk && { FRODO_SA_JWK: connection.saJwk }),
       ...(connection?.user && { FRODO_USERNAME: connection.user }),
       ...(connection?.pass && { FRODO_PASSWORD: connection.pass }),
+      ...(connection?.pk && { FRODO_AMSTER_PRIVATE_KEY: connection.pk }),
+      ...(connection?.authService && { FRODO_AUTHENTICATION_SERVICE: connection.authService }),
     },
   };
 }