X4 Produktdokumentation
X4 Produktdokumentation
Breadcrumbs

<Access>

The Access element contains configuration definitions for accessing the Web App.

Possible attributes


Source

Description

accessRight

Defines which role can access the Web App.

Possible values: Name of a previously defined role

Note:

The roles are managed in the Keycloak Administration Console.

authorizationFlow

Defines which authorization flow is used. If you do not want to require a login, use Public Access.

Note:

To use the single sign-on functionality, you must use the Authorization Code Flow.


Possible values:

  • Public Access

    Note:

    Users who access the Web App without login are recognized as ANONYMOUS_USER. They cannot be granted special rights.

  • Ressource Owner Password Flow

    Note:

    If a Web App uses the Resource Owner Password Flow authorization flow, a user with a temporary password cannot log in to that Web App.

    If you want to use temporary passwords, use the Authorization Code Flow.

    The Resource Owner Password Flow authorization flow will be removed in the next version. It is not recommended to use the Authorization Code Flow due to security reasons.

  • Authorization Code Flow

Note:

Keycloak must be configured according to the selected authorization flow.

realm

Defines which realm from Keycloak will be used.

Note:

The realm must be specified if the Authorization Code Flow or Resource Owner Password Flow is used and a realm other than the default should be used.

client

Defines which client from Keycloak will be used.

Note:

The client must be specified if the Authorization Code Flow or Resource Owner Password Flow is used and a client other than the default should be used.

clientSecret

Client Secret of the defined client, which can be read from Keycloak.

Note:

The client secret must be specified if the Authorization Code Flow or Resource Owner Password Flow is used and a client secret other than the default should be used.