Granting Admin UI access to Other Users

This topic contains 4 replies, has 4 voices, and was last updated by  ravindareddy 1 week, 1 day ago.

  • Author
    Posts
  • #16219
     Bhanuprakash 
    Participant

    Hi All,

    We have requirement to grant Admin UI access to a user with custom role ( not openidm-admin).

    we have edited ui-configuration file as below

    “custom-role” : “ui-admin”

    still getting unauthorised, any other configurations needed to complete this requirement.
    version: IDM 4.0.0

    Thanks,
    Bhanuprakash M

    #16233
     Jake Feasel 
    Moderator

    You will definitely need to update access.js too, so that the new role is recognized in the backend authz enforcement.

    #16242
     Bhanuprakash 
    Participant

    added below lines in access.js

    {
    “pattern” : “*”,
    “roles” : “custom-role”,
    “methods” : “*”,
    “actions” : “*”
    }

    Still getting unauthorised access error. any other changes required?

    Thanks,
    Bhanuprakash

    #17170
     cristianoburgo 
    Participant

    if you use a custom role this means that it is a managed role.
    The configuration file must know the role through its objectid, so you need to modify the roles property adding the related objectid retrieved on the managed obejct table on the database or using a Rest call. See below an example:

    {
    “pattern” : “*”,
    “roles” : “d59dcf20-c5a5-4574-ae96-06640908c955”,
    “methods” : “*”,
    “actions” : “*”
    }

    Remember to add the role on the AUTHZ tab for the user you are testing.

    #22285
     ravindareddy 
    Participant

    Hi,

    I want to list the users who is having the admin access in IDM, Please share the query.

    Thanks for your time in advance.

    Thank you
    Ravindar

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.

©2018 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?