Introduction
As part of this guide, you will be taken through step-by-step to setup Keycloak for your Synergy SKY Management Suite. The naming of the realm, clients, and roles cannot be changed otherwise it will cause issues when attempting to access the Management Suite after Keycloak is configured.
This quick start shows how to enable Keycloak and add a local user. Azure user management can be found here.
Initial Setup
- Select Synergy CONFIG from Synergy SKY Management Suite homepage
- When using FQDN make sure it has been added to ‘External Address’ in Network under General Settings and click on the Save Changes button at the top right of the screen
- Click on Keycloak on the Synergy SKY Management Suite homepage
- Create an admin Username and Password account and then login with those details to the Administration Console
- Move the cursor over the drop-down that says Master and click on Add Realm
- Import the template, this will auto-populate the name. Do not change this.
Download Keycloak Template
- To get the Insight (Analyze) Client Secret, go back to the Keycloak configuration page and select the SynergySKYAnalyze client found under Clients.
- Select the Credentials tab, click regenerate secret and copy the Secret from this page to the Analyze Client Secret in the Config Tool
- To get the Public Key, go back to the Keycloak configuration page and select Realm Settings
- Select the Keys tab and then click on the Public Key button across from RS256/RSA and copy text from the popup and paste into the Config Tool
- Once Analyze Client Secret and Public Key have been added, click on Verify Keycloak Login button and Sign In with the User (E.g. demo@test.com) account
- Once verified, click on Save Changes in the Config Tool and then deploy the configuration
Add User
This explains how to add a local user in Keycloak. For AAD, please follow this guide.
- Select Users from left hand panel and click Add User
- Create a local user (E.g. demo@test.com) then click Save
- Under the Credentials tab type a password (E.g. password), toggle Temporary to OFF and Set Password
- Under the Role Mappings tab use the Client Roles drop-down to select ‘SynergySKYConfig’ and add ‘ConfigAdmin’ to Assigned Roles
- Add Roles from ‘SynergySKYControl’ & ‘SynergySKYAnalyze’ in the same manner
- You can assign all Insight (Analyze) Roles to a single User or only one (1)
N.B. It is possible to assign roles by default under the Groups heading in the left-hand panel. Here you can create a group, assign Client Roles and then add to Default Groups
- You can assign all Insight (Analyze) Roles to a single User or only one (1)
- Open a new web browser and try to access Synergy SKY Config Tool page using the User created in Keycloak