Page tree
Skip to end of metadata
Go to start of metadata

Summary: this page explains how to login to Keycloak for the first time and configure a redirect URI to ensure AIP Console front-end can be accessed from wherever required.

The AIP Console authentication provider has been totally restructured in ≥ 2.x and uses the open-source OAuth2 compatible Keycloak system. Keycloak provides local authentication, and can also interact with other enterprise authentication systems such as LDAP and SAML. Before you start using AIP Console, you should configure a redirect in Keycloak to allow access to AIP Console using the AIP Console host name or IP address in addition to localhost (which is pre-configured). If you do not, users will not be able to login to AIP Console correctly. To do so, connect to Keycloak from any machine on the local network:

http://localhost:8086
or
http://<ip_address>:8086
or
http://<host_name>:8086

Click the Administration Console option:

The default login credentials specified in the docker-compose.yml file are admin/admin - use these unless you have modified them as described in AIP Console - front-end installation:

These credentials are specific to Keycloak and not AIP Console. You can change the default password if required, post installation, using the following URL:

http://localhost:8086/auth/realms/master/account/#/security/signingin

Now click the Clients option and then click aip-console-client:

Click to enlarge

Now add a new redirect:

You should a redirect for each URL you want AIP Console to be accessible on. For example:

  • http://<aip_console_server_hostname>:8081/*
  • http://<aip_console_server_IP_address>:8081/*

Ensure you save the changes:

  • No labels