Everything within this section is only visible while editing. Use Page Properties ID "STUB", "REFACTURE", "PROGRESS", "rDEV", "rDOC", "rLANG" and "DONE". Everything contained within the table is displayed in the (INTERNAL) Reports page.
Resources & Remarks Modification History Add a new line to this table and fill it whenever you edit the page.
|
Connection between identity provider and additional services. It can also be used as interface for role and user management for a tenant and to create and delete tenants in Keycloak. |
|
Service Name | tenant-management |
---|---|
Port Range | 8080 |
Profiles | prod,oauth2 |
Helm Chart | client |
Public API | Tenant Management Endpoints |
Service that is responsable for the retrieval of information from the connected identity provider for Web-API Gateway, clients and business process management (if configured). Thus, you can connect any identity provider working with OAuth2.
In combination with Keycloak, it additionally provides the tenant and user management functionality used by yuuvis® architect.
Provides the API:
>> Tenant Management Endpoints
>> yuuvis® Momentum Requirements - Tenant Management API
As of 2022 Spring, the service can be configured such that the idm-controller endpoints retrieve their information from a custom IDM proxy. The TENANT-MANAGEMENT service will call the custom proxy with an internal JSON Web Token (JWT) in the request header. This proxy can be used to connect other identity providers than Keycloak for reading purposes. An example proxy service is available as a beta version on request.
Note: If the service is not combined with Keycloak, all endpoints not belonging to the idm-controller are not available and return a 404
error.
In order to connect such a custom IDM proxy, create a tenant-management-prod.yml
configuration file with the following parameters:
idm: custom: enabled: true base-url: http://IDM_HOST:port |
The handling of profile-related configuration files is described for the core system.
>> Configuring Services using Profiles