Managing User Groups
When managing users, groups should be created first and associated with their roles. In a second step, the users can be added to groups.
The following groups are predefined:
-
GENE_SERVICES
group contains users that represent technical components of the system like the Backend Service, Data Service, or Execution Service. This group is required for the Platform to function. -
GENE_USERS
group is provided as a commodity and is typically meant to contain all the end users of the system. -
GENE_ADMINS
group is provided as a commodity and is typically meant to contain the sub part of the groupGENE_USERS
that needs thePERMISSIONS_ADMIN
,API_KEY_ADMIN
andAPPLICATION_ADMIN
roles.
To manage user groups from Keycloak
-
Connect to the Keycloak administration console on port
9090
. For more details, please refer to Section Accessing the Application Endpoints. -
From the menu, click on Manage > Groups. The page User Groups opens.
-
From the Roles tab, the buttons New, Edit, Cut, Paste and Delete allow modifying the list of groups.
Listing the Available Groups
-
To add roles to a group:
-
From the page User Groups, select a group in the list and click on Edit. The page Groups > <group-name> opens.
Editing the Given Group
-
In the Role Mappings tab, select
gene-web
in Client Role.Mapping the 'gene-web' Client Role
-
Select a role from the Available Roles and use the button Add selected to add them to the Assigned Roles for the group. Another button allows to Remove selected roles from the Assigned Roles.
Adding Selected Roles
-