DSPM DRA - Setting up access to the platform

Initial setup

1. Login to https://DSPM_URL/auth/admin

2. Use default login and password admin/admin

3. Change the default login and password for admin

   1. Select the Realm master in the top left corner

   2. Select Users in the left menu

   3. Select admin user from the users table

      

4. Select Credentials from the top menu

   1. Select Reset password and follow the instructions in the modal window
      

      

5. Change realm to gv:

   1. In the top left corner select gv from a dropdown
      

      

6. Navigate to Clients in the left menu and select Dashboard from the table
   

   

7. Select Root URL and Valid redirect URIs

   1. for Root URL set the URL to refer to your DSPM URL ending with /ui

   2. for Valid redirect URIs set the URL to refer to your DSPM URL ending with /ui/*

      

8. Select Web origins and Admin URL

   1. for Web origins set the URL to refer to your DSPM URL ending with /ui

   2. for Admin URL set the URL to refer to your DSPM URL ending with /ui
      

      

9. Select Front-channel logout URL

   1. for Front-channel logout URL set the URL to refer to your DSPM URL ending with /auth/realms/gv/protocol/openid-connect/logout

      

10. Press Save at the bottom of the page

Configuring roles and groups

1. Importing permissions setup to Keycloak (which is the Identity and Access Management Engine used by our apps)

   1. Select the realm gv → Realm Setting → Partial Import in the tool:

      

   2. In the Partial Import pop-up window click browse and provide this file: https://drive.google.com/file/d/1jkPOb6hSK50WeGONotP9cfAG-xtkM6je/view?usp=sharing. Make sure all the options are selected as in the screenshot below and set to SKIP for existing items and click Import button.
      

      
      

   3. Next, select Partial Import again and add this file: https://drive.google.com/file/d/1hN2BL4qJX-8YmzU2gZqPWrpxl3Zy37uK/view?usp=sharing. Make sure all the options are selected as in the screenshot below and set to SKIP for existing items and click Import button.

      

      You should then see a positive confirmation window:
      

      

      
      

Create a new user and assign roles

1. Make sure you operate in the gv realm (front left corner)

2. Navigate to Users and select Add user

   

3. Give a name to your user by setting username

   

4. Select Join Groups

   1. Select two groups

   2. Select Join

      

   3. Select Create

5. Navigate to Credentials and press Set password

   

   1. Set and save a password in the modal window

      

6. Navigate to Role mapping

   1. Select Assign role

      

   2. Select ADMIN and USER from the list and press Assign

      

   3. Select Assign role again

      1. From a modal window dropdown select Filter by clients

         

      2. Add the following roles with a check-box:

         1. realm-admin

         2. view-users

         3. DATA_REGISTER_READ

         4. DATA_RISK_WRITE

         5. ANALYTICS_WRITE

         6. PATTERN_MATCHING_WRITE

         7. DATA_REGISTER_WRITE

         8. REPORTS_WRITE

         9. USER_MANAGEMENT_WRITE

         10. ADMIN

         11. DEPARTMENTS_PARTIAL_WRITE

         12. USER

         13. CONNECTIONS_WRITE

         14. DEPARTMENTS_FULL_READ

         15. DEPARTMENTS_FULL_WRITE

         16. EXPLORE_PAGE_WRITE

         17. COMPLIANCE_HUB_WRITE

         18. AGENT_CONFIGURATION_WRITE

         19. TAGGING_WRITE

         20. COMPLIANCE_HUB_READ

         21. LANGUAGE_SETTINGS_WRITE

         22. DEPARTMENTS_PARTIAL_READ

             

      3. Press Assign