SpaceDeck – Administration

Access the Administration Screen

If a user role is defined as an Admin, the Administration screens can be accessed via the cog at the bottom left hand corner.

General Setup

Populate the Connection fields in order to configure SSO Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single ID to any of several related, yet independent, software systems. login using a predefined IDP An identity provider, or IDP, stores and manages users' digital identities. IDP and SSO can work together to authenticate users..

For user management through the IDP, roles and groups are created and then certain roles can be assigned to the user, for example admin. Via SpaceDeck GigaSpaces intuitive, streamlined user interface to set up, manage and control their environment. Using SpaceDeck, users can define the tools to bring legacy System of Record (SoR) databases into the in-memory data grid that is the core of the GigaSpaces system. roles are then created with the same name which was created in the IDP and permissions are then assigned accordingly for each role.

Connection Fields

• Provider type – The protocol the IDP supports. Currently GigaSpaces supports using any IDP that supports OpenID Connect (OIDC OpenID Connect (OIDC) is an open authentication protocol that works on top of the OAuth 2.0 framework. Targeted toward consumers, OIDC allows individuals to use single sign-on (SSO) to access relying party sites using OpenID Providers (OPs), such as an email provider to authenticate their identities.).

• Provider id – This is a generic ID that will be used as a name for the auth-config creator.

• Redirect URIs – Upon successful sign-in, this endpoing in our server will receive the data from the IDP.

• Issue URL – URL of the IDP issuer.  For example, Okta, JumpCloud, Azure Active Directory, Github.

• Client Id – Unlike the Provider ID, this ID serves as a unique identifier which the IDP generates to the user so they can identify with it,

• Client Secret – This is a secret key that is used with the Client ID in order to improve security.

• Authorization Grant Type – Each IDP has rules regarding how roles are grouped. These rules have an arbitrary name provided by the IDP. The roles user must use this name to create the roles.

Once the connection details are entered, click Apply.

Role Management

Each role that is configured will have certain privileges (permissions) assigned to it.

The roles should be configured by the company IT manager in the config map of the Kubernetes An open-source container orchestration system for automating software deployment, scaling, and management. environment or through IDP setup.

Default Roles

If there is no configuration in the config map (this is not recommended), there is one default roles that is included with the installation which cannot be edited via SpaceDeck and this is ROLE_ADMIN.

To see which privileges (permissions) are applied to a role (in this case ROLE_ADMIN), click the role name:

Creating a new Role

Create a new role by clicking New + to access the role setup page.