/
DSPM DRA - Setting up access to the platform

DSPM DRA - Setting up access to the platform

Owned by Space Sync for Confluence
Last updated: Mar 14, 2025

This is Step 3 of the DSPM DRA Setup

This is Step 3 of the DSPM DRA Setup

This information predates Quick Start Wizard. The instructions outlined in this document are now automated. You can skip this step.

Click here to go to the next step: DSPM DRA - Enabling Data Risk & Control Features

Initial setup

  1. Login to https://DSPM_URL/auth/admin

  2. Use default login and password admin/admin

  3. Change the default login and password for admin

    1. Select the Realm master in the top left corner

    2. Select Users in the left menu

    3. Select admin user from the users table

      SCR-20240604-pdxw.png
      Admin user location

d. Select Credentials from the top menu

  1. Select Reset password and follow the instructions in the modal window

    SCR-20240604-pesf.png
    Reset the password flow

  1. Change realm to gv:

    1. In the top left corner select gv from a dropdown

      image-20240604-162326.png
      Change realm

  2. Navigate to Clients in the left menu and select Dashboard from the table

    SCR-20240604-pamf.png
    Select Dashboard

  3. Select Root URL and Valid redirect URIs

    1. for Root URL set the URL to refer to your DSPM URL ending with /ui

    2. for Valid redirect URIs set the URL to refer to your DSPM URL ending with /ui/*

      SCR-20240604-paro.png
      Root URL and Valid redirect URIs

  4. Select Web origins and Admin URL

    1. for Web origins set the URL to refer to your DSPM URL ending with /ui

    2. for Admin URL set the URL to refer to your DSPM URL ending with /ui

      SCR-20240604-pavo.png
      Web origins and Admin URL

  5. Select Front-channel logout URL

    1. for Front-channel logout URL set the URL to refer to your DSPM URL ending with /auth/realms/gv/protocol/openid-connect/logout

      SCR-20240604-pays.png
      Front-channel logout URL

  6. Press Save at the bottom of the page

Configuring roles and groups

  1. Importing permissions setup to Keycloak (which is the Identity and Access Management Engine used by our apps)

    1. Select the realm gv Realm Setting Partial Import in the tool:

      SCR-20240604-ogak-20240604-150915.png

    2. In the Partial Import pop-up window click browse and provide this file: https://drive.google.com/file/d/1jkPOb6hSK50WeGONotP9cfAG-xtkM6je/view?usp=sharing. Make sure all the options are selected as in the screenshot below and set to SKIP for existing items and click Import button.

      KC-PermisImport.png

      Screenshot 2024-06-10 at 12.39.34.png

    3. Next, select Partial Import again and add this file: https://drive.google.com/file/d/1hN2BL4qJX-8YmzU2gZqPWrpxl3Zy37uK/view?usp=sharing. Make sure all the options are selected as in the screenshot below and set to SKIP for existing items and click Import button.

      KC-RBACImport.png

      You should then see a positive confirmation window:

      Screenshot 2024-06-10 at 12.45.44.png



Create a new user and assign roles

  1. Make sure you operate in the gv realm (top left corner)

  2. Navigate to Users and select Add user

    SCR-20240604-pbgm.png
    Creating a new user

  3. Give a name to your user by setting username

    SCR-20240604-pbkp.png
    Create a user flow

  4. Select Join Groups

    1. Select two groups

    2. Select Join

      SCR-20240604-pbpz.png
      Assign Groups

    3. Select Create

  5. Navigate to Credentials and press Set password

    SCR-20240604-pbte.png
    Set user’s password

    1. Set and save a password in the modal window

      SCR-20240604-pbxk.png
      Set the password

  6. Navigate to Role mapping

    1. Select Assign role

      SCR-20240604-pcbx.png
      Assign roles

    2. Select ADMIN and USER from the list and press Assign

      SCR-20240604-pcen.png
      Assign roles

    3. Select Assign role again

      1. From a modal window dropdown select Filter by clients

        SCR-20240604-pchc.png
        Change the filter

      2. Add the following roles with a check-box:

        1. ADMIN

        2. AGENT_CONFIGURATION_WRITE

        3. ANALYTICS_WRITE

        4. COMPLIANCE_HUB_READ

        5. COMPLIANCE_HUB_WRITE

        6. CONNECTIONS_WRITE

        7. DATA_REGISTER_READ

        8. DATA_REGISTER_WRITE

        9. DATA_RISK_WRITE

        10. DEPARTMENTS_FULL_READ

        11. DEPARTMENTS_FULL_WRITE

        12. DEPARTMENTS_PARTIAL_READ

        13. DEPARTMENTS_PARTIAL_WRITE

        14. EXPLORE_PAGE_WRITE

        15. LANGUAGE_SETTINGS_WRITE

        16. PATTERN_MATCHING_WRITE

        17. realm-admin

        18. REPORTS_WRITE

        19. TAGGING_WRITE

        20. USER

        21. USER_MANAGEMENT_WRITE

        22. view-users

          SCR-20240604-pckq.png
          Assign Roles

      3. Press Assign

 

Now, go to the Step 4, which is available via this link – DSPM DRA - Enabling Data Risk & Control Features

Now, go to the Step 4, which is available via this link – DSPM DRA - Enabling Data Risk & Control Features

 

 

 

 

 

 

 

 

 

 

 

 

Classified as Getvisibility - Partner/Customer Confidential