Introduction
Learn more about codamAI and its authentication.
Keycloak
We use Keycloak. TODO
Keycloak environment variables
SET cms_user_management_client=keycloak.v15_0_2
SET auth_url=https://auth.relas-systems.com/auth
SET auth_realm=myRealm
SET auth_client=cms
SET AUTH_SSL=EXTERNAL
SET auth_admin=admin
SET auth_password=PW
add user (single mode)
Just create a user in Keycloak with a username and an email address. You don't need to restrict the username. The CMS uses only the ID of the Keycloak user to match ownership.
add user (multi mode)
Create users in Keycloak and add a "tenant" attribute with the specific value (your own tenant id). Use only [a-zA-Z0-9_-] to avoid problems. These characters are tested; others are possible, but not tested. At the first login the tenant is pulled and inserted into the system database. After that you can delete the attribute. To group users into a tenant, just give them the same tenant id.
technical user (client access)
access via client secret and support roles
Authentication clients
None Client
and so on
add your own client
Add your own user access management client
service accounts
Header: tenant as string
Must have role: system-service-account
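The tenant charset and the service-account rules above can be enforced in one server-side check. The following is an added example, not codamAI code: it assumes the header is literally named `tenant`, that the role may appear either as a realm role or as a role of the `cms` client in the Keycloak access token, and that the token was already verified before its claims are passed in. The function names are hypothetical.

```python
import re

# Charset the page reports as tested for tenant ids.
TENANT_RE = re.compile(r"[A-Za-z0-9_-]+")
SERVICE_ROLE = "system-service-account"  # role named on the page

# Constructed sample claims, not taken from a real token.
SAMPLE_CLAIMS = {"realm_access": {"roles": ["system-service-account"]}}


def _role_list(container):
    """Return the string entries of container["roles"], tolerating malformed claims."""
    if not isinstance(container, dict):
        return []
    roles = container.get("roles")
    return [r for r in roles if isinstance(r, str)] if isinstance(roles, list) else []


def token_roles(claims, client_id="cms"):
    """Collect realm roles and the client's roles from decoded access-token claims."""
    roles = set(_role_list(claims.get("realm_access")))
    resource = claims.get("resource_access")
    if isinstance(resource, dict):
        roles.update(_role_list(resource.get(client_id)))
    return roles


def authorize_service_account(headers, claims):
    """Return the tenant id for a service-account request or raise PermissionError.

    `claims` must come from a token whose signature, issuer and expiry were
    already verified; only the role and tenant rules are applied here.
    """
    if SERVICE_ROLE not in token_roles(claims):
        raise PermissionError("missing role " + SERVICE_ROLE)
    # Header names are case-insensitive: reject requests that carry the
    # tenant header more than once under different spellings.
    values = [v for k, v in headers.items() if k.lower() == "tenant"]
    if len(values) != 1 or not isinstance(values[0], str):
        raise PermissionError("exactly one tenant header is required")
    # fullmatch, not match: a trailing newline or a path separator must not pass.
    if not TENANT_RE.fullmatch(values[0]):
        raise PermissionError("tenant id outside the tested charset")
    return values[0]
```

Rejecting anything outside the tested charset keeps tenant ids safe to use as database keys and path components without further escaping.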