Skip to main content
Version: Deploy 22.3

Post Install Keycloak Configuration for Deploy

Follow these instructions if you have chosen Keycloak for OIDC authentication.

Configuring User Permissions

As an admin, you can add user roles, assign role-based permissions, and configure Keycloak users with the required user roles.

To add user roles:

  1. Log in to Digital.ai Deploy as admin, or a user with the Admin global permission.
  2. From Explorer, click User Management > Roles > Add Role, and type the role. For example oidc-administrators.
  3. Click Save.

To assign global permissions to the user role:

  1. From Explorer, click User Management > Global Permissions, and select the check boxes next to the user role (for example, oidc-administrators) to define the required permissions for the selected user role.

    Assign Global Permissions

After assigning global permissions to the user role, to configure Keycloak users with this user role:

  1. Log in to Keycloak as admin.

  2. In the navigation pane, under Manage, click Users and select the user, for example — Alice.

  3. From the Role Mapping tab, choose the role under Assigned Roles.

    Assign User Roles

    Note: For information about the role, click Roles under the Configure group.

Logging in to the Deploy Application

After configuring the parameters, you can verify the OIDC authentication by accessing the Deploy application.

  1. In a web browser, enter the URL of the Deploy application.

    You will be redirected to the Keycloak Login screen.

    Keycloak Login Screen

  2. If configured, enter the username and password for Deploy, or enter the default username and password (admin/admin).

    Note: After the successful configuration of Keycloak OIDC authentication, the default login credentials (admin/admin) will no longer work.

    After a successful authentication, you will be redirected to the Deploy dashboard.

    Deploy Dashboard

Note:

  • By default, the Operator comes with the default realm — digitalai-platform. You can use this realm to configure users and identity providers for Digital.ai products, such as Release and Deploy.
  • To sign in as oidc-user, you can use the login credentials of any of the following sample users: alice, bob, carol, elrond, eve.
  • If you want to sign in as an internal user, browse directly to http://example.com/login.