...
Page Properties |
---|
|
Product Version |
|
---|
Report Note |
|
---|
Assignee |
|
---|
Resources & Remarks Modification History Name | Date | Product Version | Action | Name Surname | 10 FEB 2021 | x.y | Page created |
---|
Antje | 14 APR 2021 | 2021 Summer | rDOC | Agnieszka | 19 APR 2021 | 2021 Summer | rLANG |
|
Note |
---|
title | Deprecated as of 2022 Autumn! |
---|
|
This Service is not part of yuuvis® Momentum anymore as of product version 2022 Autumn. |
Excerpt |
---|
Configure the cluster to enable the tenant management API to create and modify tanants.tenants. |
Section |
---|
|
Column |
---|
Table of Contents Table of Contents |
---|
exclude | (Table of Contents|Read on|Tenant Management Endpoints|Keycloak Settings for yuuvis® management console|Configuring the Tenant Creation Profile) |
---|
|
|
|
Introduction
yuuvis® management console is based on the Tenant Management Endpoints. This article describes the configuration steps that are necessary in order to enable the authentication of this API via yuuvis® Momentum AUTHENTICATION service.
To proceed with the configuration, open the internal git repository (e.g., by port forwarding the pod).
...
Authentication Configuration
- Open the
application-oauth2.yml
for for editing. create Create an entry in authentication.oauth2.tenants
for the Keycloak master realm:
Code Block |
---|
|
- name: master
clientId: dummy-client clientSecret: 12345678-1234-1234-1234-1234567890ab
userAuthorizationUri: https://${keycloak.host}/auth/realms/master/protocol/openid-connect/auth
accessTokenUri: https://${keycloak.host}/auth/realms/master/protocol/openid-connect/token
userInfoUri: https://${keycloak.host}/auth/realms/master/protocol/openid-connect/userinfo
endSessionUri: https://${keycloak.host}/auth/realms/master/protocol/openid-connect/logout?redirect_uri=${redir}
userNameExtractionPattern: $.sub
scope: openid |
Expose Endpoints
- Open the
authentication-prod.yml
for editing. Ensure that your management
section is configured as follows:
Code Block |
---|
|
management:
endpoints:
web:
base-path: /manage
exposure:
include:
- health
- info
- refresh
endpoint:
refresh:
enabled: true
info:
enabled: true
health:
enabled: true
security:
enabled: true |
- If not already present: add
tenant-management
to the list of routing.endpoints
. If not already present: add endpoint configurations for the tenant management endpoints to the authorization.accesses
list as follows:
Code Block |
---|
|
- endpoints: /tenant-management/swagger-ui.html/**,/tenant-management/**/springfox-swagger-ui/**,/tenant-management/**/swagger-resources/**,/tenant-management/**/v2/api-docs/**
- endpoints: /tenant-management/api/system/**
access: hasAuthority('YUUVIS_SYSTEM_INTEGRATOR')
- endpoints: /tenant-management/api/admin/**
access: hasAuthority('YUUVIS_TENANT_ADMIN') |
Summary
The authentication of the Tenant Management API has to be enabled manually by setting the proper values in the configuration profiles application-oauth2.yml
and authentication-prod.yml
within the internal git repository.
Info |
---|
|
Read on
Section |
---|
Column |
---|
| Insert excerpt |
---|
| Keycloak Settings for yuuvis® management console |
---|
| Keycloak Settings for yuuvis® management console |
---|
nopanel | true |
---|
| Keep reading
|
Column |
---|
| Configure Creation Profile Configure Creation ProfileConfigure Creation ProfileManagement Endpoints | nopanel | true |
---|
| Keep reading |
|
|