...
| Page Properties |
|---|
|
| Product Version | 2021 Summer |
|
|---|
| Report Note | published |
|
|---|
| Assignee | Antje |
|
|---|
Resources & Remarks Modification History | Name | Date | Product Version | Action |
|---|
| Antje | 14 APR 2021 | 2021 Summer | rDOC | | Agnieszka | 19 APR 2021 | 2021 Summer | rLANG |
|
| Note |
|---|
| title | Deprecated as of 2022 Autumn! |
|---|
|
This Service is not part of yuuvis® Momentum anymore as of product version 2022 Autumn. |
| Excerpt |
|---|
Configure the cluster to enable the tenant management API to create and modify tenants. |
| Section |
|---|
|
| Column |
|---|
Table of Contents| Table of Contents |
|---|
| exclude | (Table of Contents|Read on|Tenant Management Endpoints|Keycloak Settings for yuuvis® management console| |
|---|
|
Configure | Configuring the Tenant Creation Profile) |
|
|
|
Introduction
yuuvis® management console is based on the Tenant Management Endpoints. This article describes the configuration steps that are necessary in order to enable the authentication of this API via yuuvis® Momentum AUTHENTICATION service.
To proceed with the configuration, open the internal git repository (e.g., by port forwarding the pod).
Authentication Configuration
- Open the
application-oauth2.yml for editing. Create an entry in authentication.oauth2.tenants for the Keycloak master realm:
| Code Block |
|---|
|
- name: master
clientId: dummy-client
clientSecret: 12345678-1234-1234-1234-1234567890ab
userAuthorizationUri: https://${keycloak.host}/auth/realms/master/protocol/openid-connect/auth
accessTokenUri: https://${keycloak.host}/auth/realms/master/protocol/openid-connect/token
userInfoUri: https://${keycloak.host}/auth/realms/master/protocol/openid-connect/userinfo
endSessionUri: https://${keycloak.host}/auth/realms/master/protocol/openid-connect/logout?redirect_uri=${redir}
userNameExtractionPattern: $.sub
scope: openid |
Expose Endpoints
- Open the
authentication-prod.yml for editing. Ensure that your management section is configured as follows:
| Code Block |
|---|
|
management:
endpoints:
web:
base-path: /manage
exposure:
include:
- health
- info
- refresh
endpoint:
refresh:
enabled: true
info:
enabled: true
health:
enabled: true
security:
enabled: true |
- If not already present: add
tenant-management to the list of routing.endpoints . If not already present: add endpoints configuration endpoint configurations for the tenant management endpoints to the authorization.accesses list as follows:
| Code Block |
|---|
|
- endpoints: /tenant-management/swagger-ui.html/**,/tenant-management/**/springfox-swagger-ui/**,/tenant-management/**/swagger-resources/**,/tenant-management/**/v2/api-docs/**
- endpoints: /tenant-management/api/system/**
access: hasAuthority('YUUVIS_SYSTEM_INTEGRATOR')
- endpoints: /tenant-management/api/admin/**
access: hasAuthority('YUUVIS_TENANT_ADMIN') |
Summary
The authentication of the Tenant Management API has to be enabled manually by setting the proper values in the configuration profiles application-oauth2.yml and authentication-prod.yml within the internal git repository.
| Info |
|---|
|
Read on
| Section |
|---|
| Column |
|---|
| | Insert excerpt |
|---|
| Keycloak Settings for yuuvis® management console |
|---|
| Keycloak Settings for yuuvis® management console |
|---|
| nopanel | true |
|---|
|
Keep reading
|
| Column |
|---|
| | Configure Configure Configure | Tenant Creation Profile |
|---|
| nopanel | true |
|---|
|
Keep reading |
| Column |
|---|
| | Insert excerpt |
|---|
| Tenant Management Endpoints |
|---|
| Tenant Management Endpoints |
|---|
| nopanel | true |
|---|
|
Keep reading
|
|
|