User Configuration OIDC
This configuration is done in the Keycloak admin console.
Prerequisites
- user with admin rights for Keycloak
Realm model
A Keycloak realm manages a set of users, credentials, and roles. A user always belongs to one realm. So realms are isolated from one another. We differentiate between two kinds of realms.
- One is needed for the solution center and Solution Hub component
- One is needed for a Solution Envoy
So if you have three Solution Envoys in place, you could configure and use up to four Keycloak realms. It is also possible to use only one realm for the solution center and Solution Hub component and for every Solution Envoy. That would make sense, for example, if all users should have access to all components and all Solution Envoys.
Create a new user
- Open Keycloak admin console, e.g. https://identity.apps.openshift-01.example.cloud
- Choose a realm
- Open Users->Add user
- Required input parameters are:
  - Username
  - Email
  - First Name
  - Last Name
- Save the new user
Set initial password for the user
- Open the created user
- Go to Credentials
- Create an initial New Password and confirm it
- Activate the Temporary flag so that the user has to change the password at the first login
- Press Reset Password
Assign roles to the user
- Go to Role Mappings
- Select needed Available Roles
- Press Add selected > to assign the roles (see User Role model)
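The three console procedures above (create user, set a temporary initial password, assign roles) can also be scripted with Keycloak's admin CLI, kcadm.sh. This is an added example, not part of the original documentation. It assumes kcadm.sh is on PATH with an authenticated session; the function name and the rule that at least one role must be given are choices made for this example.

```shell
#!/usr/bin/env bash
# Added example: scripted equivalent of the admin console steps.
# Assumption: kcadm.sh is on PATH (or KCADM points to it) and is already
# logged in, e.g. after `kcadm.sh config credentials ...`.
KCADM="${KCADM:-kcadm.sh}"

# provision_user REALM USERNAME EMAIL FIRST_NAME LAST_NAME INITIAL_PASSWORD ROLE...
provision_user() {
  if [ "$#" -lt 7 ]; then
    echo "usage: provision_user REALM USERNAME EMAIL FIRST LAST PASSWORD ROLE..." >&2
    return 2
  fi
  local realm="$1" username="$2" email="$3" first="$4" last="$5" password="$6"
  shift 6

  # Refuse empty required input parameters before touching the server.
  local v
  for v in "$realm" "$username" "$email" "$first" "$last" "$password"; do
    [ -n "$v" ] || { echo "empty required parameter" >&2; return 2; }
  done

  # Create a new user with the required input parameters.
  "$KCADM" create users -r "$realm" \
    -s "username=$username" -s "email=$email" \
    -s "firstName=$first" -s "lastName=$last" -s enabled=true || return 1

  # Set the initial password; --temporary forces a change at first login.
  # The password is visible in the process argument list while this runs.
  "$KCADM" set-password -r "$realm" --username "$username" \
    --new-password "$password" --temporary || return 1

  # Assign each requested realm role to the user.
  local role
  for role in "$@"; do
    "$KCADM" add-roles -r "$realm" --uusername "$username" \
      --rolename "$role" || return 1
  done
}
```

Because the password is passed as a command-line argument, run this only on an admin host where other users cannot list processes, and rely on the Temporary flag so the value is replaced at first login.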