Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Page Properties
hiddentrue
idrDOC

Product Version2.4
Report Note
AssigneeMartin

Resources & Remarks

  • Version 2.4 - options" ...  "synchronousContentAnalysis": true (OKTO-4309)

Modification History

NameDateProduct VersionAction
Antje08 FEB 20212.4New page properties macro.
Antje12 FEB 20212020 WinterrDOC
Agnieszka15 FEB 20212020 WinterrLANG
Antje04 MAY 20222022 Summerupdate response format/codes



201 CREATED

no response body
As of Versionproduct version 2020 Winter | component version 1.06.1
Request MethodPOST
Response FormatHTTP status codeJSON
Description


Excerpt
Creates a new tenant with the values for the corresponding parameters specified in JSON format. Required settings for Keycloak and yuuvis® Momentum core are passed as well as custom (= product application) settings. 


A Keycloak realm with a name and description is created together with the initial default technial user admin that you can use as a proxy user in your portal for tenant management. The values for name and description can be displayed in the Keycloak Admin Console as Realm Name and Display name as shown in the first screenshot below.
The parameters available for defining Keycloak settings are described for the POST /tenant-management/api/system/profile endpoint. These parameters determine the settings for each further tenant that will be created. They are optional and the default values lead to the configuration shown below.

In the yuuvis® Momentum system, a tenant with the same name will be created as well. No further configurations are set up. For additional configurations like tenant schema or extensions of the role set, a custom microservice can be configured in the profile. It will be called after each tenant creation process and add the defined extending configurations.

After creating a new yuuvis® tenant, the newly created admin user can be used to access the system using the core API, yuuvis® architect, or yuuvis® reference client.

Meaning of the response status codes:


HTTP Status CodeMeaning
201 CREATEDSuccessful, the tenant with the name has been created.
401 UNAUTHORIZEDThe call was unauthorized.


Default Configuration for Tenant Creation

Click on a screenshot to view it in its original size.

Realm

The HTML Display name shown in the screenshot defines the yuuvis® theme for the design of the Keycloak login page (left-hand side with the branding and the tenant name).

yuuvis®-themed Keycloak login dialog:

Login

These are the set-up Keycloak login parameters. They affect the login dialog as well.

E-mail

These are the default parameters for e-mail invitations that can be sent to new users.

Password Policy

These are the set-up Keycloak Password Policy parameters:

Roles and Initial User

The following yuuvis roles are set per default for each tenant:

  • YUUVIS_DEFAULT (briefly: full access to every object via default role set)
  • YUUVIS_CREATE_OBJECT (briefly: create objects)
  • YUUVIS_MANAGE_SETTINGS (briefly: save result list column and filter configurations as standard)
  • YUUVIS_TENANT_ADMIN (briefly: update schema, rolse set, maintain users, ... for the tenant)
  • YUUVIS_SYSTEM_INTEGRATOR (briefly: update global schemata and role sets for the system, create tenants) 

The admin user is created for each tenant with all the above roles assigned.

Client

These are the Keycloak Client parameters that are set for the internal communication with yuuvis® AUTHENTICATION Service:

The Root URL displayed in the screenshot has to be specified in the management helmchart in the values.yaml file. In the apitm section under client, the rooturl parameter has to be specified. If the tenant name is handled as a subdomain, a placeholder of the following structure can be set:  http://${TENANT_NAME}/exampledomain

Request Example


Panel

POST /tenant-management/api/system/tenants HTTP/1.1
{

    "name": "myTenant",
    "description": "production system",
    "adminPassword": "Policy:8characters1Capitalletter1special!",
    "adminEmail": "admin@mydomain.com"
}


name and description are mandatory.

The adminPassword can be set for the default user admin. The admin user has to be used to create any additional users for the tenant using the user management in yuuvis® architect.

If adminEmail is specified and the smtp e-mail service parameters are set up, an e-mail invitation is sent to this address. Users have to change the password and edit their profile data.

If no e-mail address is specified, you can use a (secure) communication channel of your choice to inform your admin user about how to log in to yuuvis® architect and manage users.

Response Example

200 OK

Code Block
languageyml
{
    "errors": [],
    "valid": true
}