Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 25 Next »

Overview

Admin App v3.0 supports two methods for authentication: web-forms authentication or single-sign on via Open ID Connect (OIDC).  Both utilize ASP.NET Core Identity as the underlying framework.  This page will provide details to configure Admin App based on the selected model.

Admin App Roles

Admin App uses two roles within the application for ODS/API management.  The Super-Administrator role is used to register multiple users with separate roles and privileges along with all ODS / API instances and its functions. The Administrator role is allowed to access only specific ODS / API instances and its functions. This user authentication model pairs well with multi-instance support within Admin App.

1. Super-Administrator (default role for the first user)

The Super-Administrator role is intended for an IT Administrator managing a collection of individual ODS instances, such as found within district collaboratives. 

Super-Administrator Permissions

  • Add a user
  • Assign a role to an added user
  • Register and delete ODS / API instances
  • Change and assign an ODS / API instance to an added user
  • Change user settings for other users
  • Delete a user
  • Plus, all permissions of the Administrator role

2. Administrator

The Administrator role is one that can access one or more ODS instances assigned by the Super-Administrator. This means that users in the Administrator role can only administer ODS / API instances specifically assigned.

Administrator Permissions

  • Manage applications
  • API key/secret creation
  • View descriptors
  • Bulk data uploads
  • Learning standards synchronization

Securing Admin App

  1. Existing form authentication (Please refer here for more details)
  2. Single sign on (SSO)

Web Form Authentication

Click here to open Web Form Authentication setup instructions:

Error rendering macro 'toggle-cloak' : Page loading failed

Single Sign-On with Open ID Connect

Click here to open Single Sign-On with Open ID Connect setup instructions:

References:

https://learn.microsoft.com/en-us/aspnet/core/security/authentication/social/?view=aspnetcore-3.1&tabs=visual-studio

https://www.keycloak.org/getting-started/getting-started-docker



  • No labels