...
Page Properties | ||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||
Resources & Remarks Modification History
|
Note | ||
---|---|---|
| ||
This Service is not part of yuuvis® Momentum anymore as of product version 2022 Autumn. |
Excerpt |
---|
How 2 configure Configure the cluster to enable the tenant management API to create and modify tanants. |
How2
...
- Login to your keycloaks master realm
tenants. |
Section | ||||||
---|---|---|---|---|---|---|
| ||||||
|
Introduction
yuuvis® management console is based on the Tenant Management Endpoints. This article describes the configuration steps that are necessary in order to enable the authentication of this API via yuuvis® Momentum AUTHENTICATION service.
To proceed with the configuration, open the internal git repository (e.g., by port forwarding the pod).
...
Authentication Configuration
- Open the
application-oauth2.yml
for for editing. create Create an entry in
authentication.oauth2.tenants
for the Keycloak master realm:Code Block language yml - name: master clientId: dummy-client clientSecret: 12345678-1234-1234-1234-1234567890ab userAuthorizationUri: https://${keycloak.host}/auth/realms/master/protocol/openid-connect/auth accessTokenUri: https://${keycloak.host}/auth/realms/master/protocol/openid-connect/token userInfoUri: https://${keycloak.host}/auth/realms/master/protocol/openid-connect/userinfo endSessionUri: https://${keycloak.host}/auth/realms/master/protocol/openid-connect/logout?redirect_uri=${redir} userNameExtractionPattern: $.sub scope: openid
Expose Endpoints
- Open the
authentication-prod.yml
for editing. Ensure that your
management
section is configured as follows:Code Block language yml management: endpoints: web: base-path: /manage exposure: include: - health - info - refresh endpoint: refresh: enabled: true info: enabled: true health: enabled: true security: enabled: true
- If not already present: add
tenant-management
to the list ofrouting.endpoints
. If not already present: add endpoint configurations for the tenant management endpoints to the
authorization.accesses
list as follows:Code Block language yml - endpoints: /tenant-management/swagger-ui.html/**,/tenant-management/**/springfox-swagger-ui/**,/tenant-management/**/swagger-resources/**,/tenant-management/**/v2/api-docs/** - endpoints: /tenant-management/api/system/** access: hasAuthority('YUUVIS_SYSTEM_INTEGRATOR') - endpoints: /tenant-management/api/admin/** access: hasAuthority('YUUVIS_TENANT_ADMIN')
Summary
The authentication of the Tenant Management API has to be enabled manually by setting the proper values in the configuration profiles application-oauth2.yml
and authentication-prod.yml
within the internal git repository.
Info | ||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||||||||||||||||||||
Read on
|