...
| Page Properties | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||
Resources & Remarks Modification History
|
| Note | ||
|---|---|---|
| ||
This Service is not part of yuuvis® Momentum anymore as of product version 2022 Autumn. |
| Excerpt |
|---|
Configure the cluster to enable the tenant management API to create and modify tanants. |
How2
...
- Login to your keycloaks master realm
tenants. |
| Section | ||||||
|---|---|---|---|---|---|---|
| ||||||
|
Introduction
yuuvis® management console is based on the Tenant Management Endpoints. This article describes the configuration steps that are necessary in order to enable the authentication of this API via yuuvis® Momentum AUTHENTICATION service.
To proceed with the configuration, open the internal git repository (e.g., by port forwarding the pod).
...
Authentication Configuration
- Open the
application-oauth2.ymlfor for editing. create Create an entry in
authentication.oauth2.tenantsfor the Keycloak master realm:Code Block language yml - name: master clientId: dummy-client clientSecret: 12345678-1234-1234-1234-1234567890ab userAuthorizationUri: https://${keycloak.host}/auth/realms/master/protocol/openid-connect/auth accessTokenUri: https://${keycloak.host}/auth/realms/master/protocol/openid-connect/token userInfoUri: https://${keycloak.host}/auth/realms/master/protocol/openid-connect/userinfo endSessionUri: https://${keycloak.host}/auth/realms/master/protocol/openid-connect/logout?redirect_uri=${redir} userNameExtractionPattern: $.sub scope: openid
Expose Endpoints
- Open the
authentication-prod.ymlfor editing. Ensure that your
managementsection is configured as follows:Code Block language yml management: endpoints: web: base-path: /manage exposure: include: - health - info - refresh endpoint: refresh: enabled: true info: enabled: true health: enabled: true security: enabled: true
- If not already present: add
tenant-managementto the list ofrouting.endpoints. If not already present: add endpoint configurations for the tenant management endpoints to the
authorization.accesseslist as follows:Code Block language yml - endpoints: /tenant-management/swagger-ui.html/**,/tenant-management/**/springfox-swagger-ui/**,/tenant-management/**/swagger-resources/**,/tenant-management/**/v2/api-docs/** - endpoints: /tenant-management/api/system/** access: hasAuthority('YUUVIS_SYSTEM_INTEGRATOR') - endpoints: /tenant-management/api/admin/** access: hasAuthority('YUUVIS_TENANT_ADMIN')
Summary
The authentication of the Tenant Management API has to be enabled manually by setting the proper values in the configuration profiles application-oauth2.yml and authentication-prod.yml within the internal git repository.
| Info | ||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||||||||||||||||||||
Read on
|