DSPM DRA - Setting up access to the platform

Initial setup

1. Login to https://DSPM_URL/auth/admin

2. Use default login and password admin/admin

3. Change the default login and password for admin

   1. Select the Realm master in the top left corner

   2. Select Users in the left menu

   3. Select admin user from the users table

      Open

      

      Admin user location

4. Select Reset password and follow the instructions in the modal window
   
   

   Open

   

   Reset the password flow

4. Change realm to gv:

   1. In the top left corner select gv from a dropdown
      
      

5. Navigate to Clients in the left menu and select Dashboard from the table
   
   

6. Select Root URL and Valid redirect URIs

   1. for Root URL set the URL to refer to your DSPM URL ending with /ui

   2. for Valid redirect URIs set the URL to refer to your DSPM URL ending with /ui/*

7. Select Web origins and Admin URL

   1. for Web origins set the URL to refer to your DSPM URL ending with /ui

   2. for Admin URL set the URL to refer to your DSPM URL ending with /ui
      
      

8. Select Front-channel logout URL

   1. for Front-channel logout URL set the URL to refer to your DSPM URL ending with /auth/realms/gv/protocol/openid-connect/logout

9. Press Save at the bottom of the page

Configuring roles and groups

1. Importing permissions setup to Keycloak (which is the Identity and Access Management Engine used by our apps)

   1. Select the realm gv → Realm Setting → Partial Import in the tool:

   2. In the Partial Import pop-up window click browse and provide this file: https://drive.google.com/file/d/1jkPOb6hSK50WeGONotP9cfAG-xtkM6je/view?usp=sharing. Make sure all the options are selected as in the screenshot below and set to SKIP for existing items and click Import button.
      
      

   3. Next, select Partial Import again and add this file: https://drive.google.com/file/d/1hN2BL4qJX-8YmzU2gZqPWrpxl3Zy37uK/view?usp=sharing. Make sure all the options are selected as in the screenshot below and set to SKIP for existing items and click Import button.

      You should then see a positive confirmation window:
      
      

      
      
      

Create a new user and assign roles

1. Make sure you operate in the gv realm (top left corner)

2. Navigate to Users and select Add user

3. Give a name to your user by setting username

4. Select Join Groups

   1. Select two groups

   2. Select Join

   3. Select Create

5. Navigate to Credentials and press Set password

   1. Set and save a password in the modal window

6. Navigate to Role mapping

   1. Select Assign role

   2. Select ADMIN and USER from the list and press Assign

   3. Select Assign role again

      1. From a modal window dropdown select Filter by clients

      2. Add the following roles with a check-box:

         1. ADMIN

         2. AGENT_CONFIGURATION_WRITE

         3. ANALYTICS_WRITE

         4. COMPLIANCE_HUB_READ

         5. COMPLIANCE_HUB_WRITE

         6. CONNECTIONS_WRITE

         7. DATA_REGISTER_READ

         8. DATA_REGISTER_WRITE

         9. DATA_RISK_WRITE

         10. DEPARTMENTS_FULL_READ

         11. DEPARTMENTS_FULL_WRITE

         12. DEPARTMENTS_PARTIAL_READ

         13. DEPARTMENTS_PARTIAL_WRITE

         14. EXPLORE_PAGE_WRITE

         15. LANGUAGE_SETTINGS_WRITE

         16. PATTERN_MATCHING_WRITE

         17. realm-admin

         18. REPORTS_WRITE

         19. TAGGING_WRITE

         20. USER

         21. USER_MANAGEMENT_WRITE

         22. view-users
             
             

      3. Press Assign