Advanced Keycloak
Note
This section is intended to enable experienced Keycloak admins to add additional features. You do not need to perform any steps below to configure a basic installation.
Once you have configured Keycloak using your preferred service, an advanced admin can use Keycloak to implement data access authorization policies. For more information, see Keycloak Documentation.
Keycloak allows you to create policies and permissions to permit or restrict access by users or groups to data stored in the Obcerv platform and the APIs that can be used to directly or indirectly modify that data.
Keycloak realms are used to provide logical separation of users, groups, roles, and similar concepts between different contexts. A default master
realm exists which is used for administrative purposes, such as the bootstrapping and initial configuration of Keycloak itself, including the creation of the obcerv
realm.
The configuration of data access authorization described in this section of the documentation is solely for the obcerv
realm – this is where users and groups that are used to login to Obcerv exist.