Page History
Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
Accessing
Keycloakthe Identity Management
In our Scheer PAS platform, we use Keycloak as identity management tool. You can access Keycloak it via the corresponding tile in the Scheer PAS Portal. Only users with profile keycloak_user are able to see the tile in the portal. | |||
If you click on the Keycloak identitiy management tile, the tool will open within the portal.
|
Keycloak: Managing Authentication
Scheer PAS uses Keycloak to manage Single Sign-on for the platform. | |||
|
Creating Additional Keycloak Admins
Image Added | You can create additional admins for Keycloak as follows: |
Log into the identity management and go to realm Master. |
Image Added |
Open menu Users and create a new user or edit an existing |
one. | |
Image Added | Switch to tab Role Mappings |
and assign role admin in section Realm Roles. |
Approving Users in Keycloak
PAS 22.1 Scheer PAS offers a user self registration feature which allows customers to request for an account. The feature is disabled by default but can be enabled upon request. Contact the Scheer PAS support team if you want to use the user self registration on your system.
Manual Approval of a User
Info |
---|
If the user self registration and the user approval workflow are enabled, every newly created user must be approved. However users are automatically approved when they are created via
|
Image Added | Log into the identity management and navigate to tab Users. | ||
Image Added | Search for the user you want to approve and open the user datasheet with the Edit button.
| ||
Image Added | In the user datasheet, remove the required user action Account Approval Required and press Save. | ||
Image Added | If you want to give the user permission to use the API Developer Portal, you must add the user to the group API-Management-User. |
Adding Additional Approvers
Image Added | Members of the User-Approvers group have permission to approve new users who sign up using the self registration form. Approval users also receive an email notification with details when a newly created user is waiting for approval. If you want to add a user to the User-Approvers group, do as follows:
|
...