Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The following privileges can be assigned:

  • Details

  • Users

  • Servers

  • Device groups

  • Multi-layouts

  • Layouts

  • Fixed Layouts

  • Functions

  • Monitors

  • Viewer macros

...

*Note: If a usergroup has “Live Access”, it will have access to all of the Livemenu features. If one or more of the Livemenu functions has been added to the usergroup, the usergroup will only have access to the given functions.

Identity Provider

The Identity Provider button opens the dialog to configure an Identity Provider using Keycloak integration. This is used to import users from Active Directory or other identidy provider configured in Keycloak.

...

The following dialog is opened:

...

  • Token URI: It is recommended to run Keycloak on the management server do the host is 127.0.0.1 by default using port 8080 (default for keycloak). This URI is to get an access token for the 'realm' (bold) configured in keycloak. This can be different depending on keycloak configuration:

  • Query URI: It is recommended to run Keycloak on the management server do the host is 127.0.0.1 by default using port 8080 (default for keycloak). This URI is to retrieve the users in the 'realm' (bold) configured in keycloak. This can be different depending on keycloak configuration:

  • Client ID: ClientID configured in Keycloak

  • Client Secret: Client Secret configured in keycloak for the Client ID

If these settings are configured correctly the '+' button to add user will have an extra option to add users from the identity provider:

...

Selecting ‘Identity Provider' will open the following dialog:

...

These are the users available in Keycloak which could be added to the VDG Sense userlist. Double-click on a user will add the user to the userlist:

...

It is in bold to highlight that this user is from an external identity provider. These users can also be added to user groups just like normal VDG Sense users. Password cannot be changed because that is defined within the Identity Provider. It can be given administrator rights if required.