Page History
Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
Accessing the Identity Management
In our Scheer PAS platform, we use Keycloak as identity management tool. You can access it via the corresponding tile in the Scheer PAS Portal . Only users with profile keycloak_user are able to see the tile in the portal. | |
If you click the identitiy identity management tile, the tool will open within the portal. |
Keycloak: Managing Authentication
Image Modified | Scheer PAS uses Keycloak to manage Single Sign-on for the platform. | ||
|
Creating Additional Keycloak Admins
Image Removed
You can create additional admins for Keycloak as follows:
Log into the identity management and go to realm Master.
Image Removed
Open menu Users and create a new user or edit an existing one.
Image Removed
Switch to tab Role Mappings and assign role admin in section Realm Roles.
Approving Users in Keycloak
PAS 22.1 Scheer PAS offers a user self registration feature which allows customers to request for an account. The feature is disabled by default but can be enabled upon request. Contact the Scheer PAS support team if you want to use the user self registration on your system.
Manual Approval of a User
Info |
---|
If the user self registration and the user approval workflow are enabled, every newly created user must be approved. However users are automatically approved when they are created via
|
Image Removed
Log into the identity management and navigate to tab Users.
Image Removed
Search for the user you want to approve and open the user datasheet with the Edit button.
Info |
---|
Approval users receive an email notification with details when a newly created user is waiting for approval. Refer to Adding Additional Approvers to learn more about this user group. |
Image Removed
In the user datasheet, remove the required user action Account Approval Required and press Save.
Image Removed
If you want to give the user permission to use the API Developer Portal, you must add the user to the group API-Management-Developer-Portal-Users.
Adding Additional Approvers
Image Removed
Members of the User-Approvers group have permission to approve new users who sign up using the self registration form.
Approval users also receive an email notification with details when a newly created user is waiting for approval.
If you want to add a user to the User-Approvers group, do as follows:
- Log into the identity management and navigate to tab Users.
- Search for the user and open the user datasheet with the Edit button.
- Open tab Groups.
- In section Available Groups, select User-Approvers and confirm with the Join button.
|
Panel | ||
---|---|---|
| ||
|
Panel | ||
---|---|---|
| ||
Panel | ||
---|---|---|
|
Otp | ||||
---|---|---|---|---|
|
Rp |
---|
...