Identity Plugin Pepr component for managing group authorization to applications. This is only the implementation, meaning a package (i.e. grafana) will need to be configured for this to work. This is also dependent on a new release of uds-identity-config.
How to test
Update the identity config image here and here to include/change : ttl.sh/uds-core-config:group-plugin-groups-attribute
In addition to the identity config image, update the grafana package to require a specific group to access the application like so:
With those changes utilize the test-uds-core task to test, no user is created by default so either go into keycloak and setup the user manually or go to sso.uds.dev and register a user there, then navigate to the grafana.admin.uds.dev and you should be redirected to a login page and depending on if you're in the admin group or not be granted access to the grafana dashboard.
Description
Identity Plugin Pepr component for managing group authorization to applications. This is only the implementation, meaning a package (i.e. grafana) will need to be configured for this to work. This is also dependent on a new release of uds-identity-config.
How to test
Update the identity config image here and here to include/change :
ttl.sh/uds-core-config:group-plugin-groups-attribute
In addition to the identity config image, update the grafana package to require a specific group to access the application like so:
With those changes utilize the
test-uds-core
task to test, no user is created by default so either go into keycloak and setup the user manually or go tosso.uds.dev
and register a user there, then navigate to thegrafana.admin.uds.dev
and you should be redirected to a login page and depending on if you're in the admin group or not be granted access to the grafana dashboard.Related Issue
Relates to
uds-identity-config
PRType of change
Checklist before merging