Configuring the Dynamic Workload Console for Single Sign-On
Configure the Dynamic Workload Console for Single Sign-On.
About this task
This means that using SSO you can run queries on the plan or manage item definitions on the database accessing the engine without authenticating, automatically using the same credentials you used to log in to the Dynamic Workload Console.
The same is true when working with the Self-Service Catalog app from a mobile device. If the Dynamic Workload Console has been configured to use SSO, then these apps automatically use the same credentials used to log in to the Dynamic Workload Console.
After the installation completes, you can configure the Dynamic Workload Console and the HCL Universal Orchestrator engine to use SSO. To do this, they must share the same authentication provider user registry. See Configuring a user registry for more details.
The default user of the Dynamic Workload Console is already configured for SSO. You can configure SSO for other users using an MP-JWT token.
Configuring the Dynamic Workload Console for Single Sign-On with MP-JWT
About this task
Perform the following steps:
Procedure
- Configure an authentication provider for the Dynamic Workload Console as explained in Configuring a user registry.
-
Create the Access Control list for the authentication
provider user or group. For example, to give full
access on folders to an LDAP group perform the
following steps:
- From the Dynamic Workload Console open the Manage Workload Security panel and select Give access to users and groups.
- Select the LDAP group from the drop-down list and FULL_CONTROL in the field Role.
- Select Folder and
assign the root by clicking
/
. - Save