Merge pull request #18 from ssilvert/admin-access-control-chapter
Minor changes to admin console permissions chapter.
This commit is contained in:
commit
4bfc50396a
3 changed files with 7 additions and 7 deletions
|
@ -2,6 +2,6 @@
|
|||
|
||||
== Admin Console Access Control and Permissions
|
||||
|
||||
Each realm created on the {{book.project.name}} has a dedicated Admin Console from which that realm can be managed from.
|
||||
Each realm created on the {{book.project.name}} has a dedicated Admin Console from which that realm can be managed.
|
||||
The `master` realm is a special realm that allows admins to manage more than one realm on the system. You can also
|
||||
define fine-grain access to users in different realms to manage the server. This chapter goes over all the scenarios for this.
|
||||
define fine-grained access to users in different realms to manage the server. This chapter goes over all the scenarios for this.
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
|
||||
=== Master Realm Access Control
|
||||
|
||||
The `master` realm in {{book.project.name}} is a special realm and treated differently that other realms.
|
||||
The `master` realm in {{book.project.name}} is a special realm and treated differently than other realms.
|
||||
Users in the {{book.project.name}} `master` realm can be granted permission to manage zero or more realms that are deployed on the {{book.project.name}} server.
|
||||
When a realm is created, {{book.project.name}} automatically creates various roles that grant fine-grain permissions to access that new realm.
|
||||
Access to The Admin Console and Admin REST endpoints can be controlled by mapping these roles to users in the `master` realm.
|
||||
|
@ -16,7 +16,7 @@ These are:
|
|||
* create-realm
|
||||
|
||||
Users with the `admin` role are super users and have full access to manage any realm on the server. Users with the `create-realm` role
|
||||
are allowed to create new realms. Any new realm they create they will be granted full access to.
|
||||
are allowed to create new realms. They will be granted full access to any new realm they create.
|
||||
|
||||
==== Realm Specific Roles
|
||||
|
||||
|
@ -42,6 +42,6 @@ The roles available are:
|
|||
* manage-identity-providers
|
||||
* impersonation
|
||||
|
||||
Assign the roles you want to your users and they will only be able to use that specific part of the administration console
|
||||
Assign the roles you want to your users and they will only be able to use that specific part of the administration console.
|
||||
|
||||
|
||||
|
|
|
@ -6,7 +6,7 @@ Each realm has a dedicated Admin Console that can be accessed by going to the ur
|
|||
Users within that realm can be granted realm management permissions by assigning specific user role mappings.
|
||||
|
||||
Each realm has a built-in client called `realm-management`. You can view this client by going to the
|
||||
`Clients` left menu item of your realm. This client define client-level roles that specify permissions that can be granted to manage the realm.
|
||||
`Clients` left menu item of your realm. This client defines client-level roles that specify permissions that can be granted to manage the realm.
|
||||
|
||||
* view-realm
|
||||
* view-users
|
||||
|
@ -23,5 +23,5 @@ Each realm has a built-in client called `realm-management`. You can view this c
|
|||
* manage-identity-providers
|
||||
* impersonation
|
||||
|
||||
Assign the roles you want to your users and they will only be able to use that specific part of the administration console
|
||||
Assign the roles you want to your users and they will only be able to use that specific part of the administration console.
|
||||
|
||||
|
|
Loading…
Reference in a new issue