Keycloak User and Group Procedures
SDL Authentication Utilizes Keycloak
Accessing the Keycloak instance for your cluster
-
Note the SDL/Data-Fabric URL used for accessing the WebGUI
-
Append "/auth" to default URL, for example:
https://{{ default_URL_for_accessing_SDL }}/auth -
Open a browser and navigate to the URL that includes the
/authpath -
Click on Administration Console
-
Login with provided credentials
SDL Users and Groups
For all SDL configurations, be sure to verify that Keycloak realm data-fabric` is selected from the upper-left drop-down. By default, the Master realm will be selected. > Note: Not completing this step of selecting the data-fabric realm will cause any subsequent configurations to be moot and invisible to SDL.
Creating Groups
Select Groups from the
-
In the Groups pane, click Create group
-
Input the desired name for the new group
-
Click Create
Creating Users
Select Users from the
-
In the User list pane, click Add user
-
If the desire is to have the new user reset their password on their first login, then select Update Password from the field Required user actions
-
Complete Username field with desired username for the new user account
-
Complete any additional fields as necessary for new user account
-
Add new user account to respective user groups by clicking Join Groups
-
Click Create
Adding Existing Users to a Group
Select Users from the
-
In the User list pane, click on the {{ username }} of user who will be added to a group
-
In the {{ username }} pane, click on the Groups tab, near the top
-
Click Join Group
-
In the Join groups for user {{ username }} pane, select the checkboxes for each group that user should be included in. > Note: Multiple groups can be selected in this view.
-
Click Join
There are many additional functions and features that can be configured and managed from Keycloak, however, these procedures only focus on the prediscussed topics for the current effort. For more information, please contact RAFT or consult Keycloak documentation.