This section provides details on post-deployment configurations of Syndeia Cloud.
Table of Contents | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Administrator Access
A Syndeia Cloud installation allows offers at least one super-user administrator account.
...
To prevent accidental system lock-outs, the designated super user account cannot be deleted.
To change who the designated super user is, edit the web-gateway service's application.conf
file and alter (or add a) super.user.email = "super.user@intercax.com"
line, ex: super.user.email = "mySuperUserAccountname"
.
We strongly recommend changing the username and super.user password from the default. , and adding to a secure password vault so your admin team can retrieve it later.
Advanced Authentication Methods
...
If you do have credentials, please add them in the Web Dashboard by following the steps provided at Repositories - Web Dashboard
If you do NOT have credentials, please invite a user or admin of the relevant external repository to sign-in to add it
Info |
---|
Syndeia Cloud only acts as a proxy for each individual user when it accesses any external Repository. Each user has to supply their specific credentials for each repository that they interact with either directly or through Syndeia. Syndeia Cloud does NOT store those credentials into its database. |
To manage your access to individual repositories, see Repositories - Web Dashboard
JWT Token Signing Algorithm
Status | ||||
---|---|---|---|---|
|
Starting with Syndeia 3.6 SP1, Syndeia IT admins may select RS256 instead of the default HS256 as the signing algorithm for JWT tokens generated by Syndeia Cloud during authentication. This may be especially required for enabling FIPS mode.
Open the
silhouette.conf
file located inweb-gateway/conf
in the Syndeia Cloud deployment.Change the default value of the setting
authenticator.signingAlgorithm
fromHS256
toRS256
.Add a valid PEM certificate with both the private and public key as the value of
authenticator.sharedSecret
setting, as shown in lines 28-33 in the screenshot below. Use triple quotes (“““) to enclose the multi-line value.Comment out the
authenticator.sharedSecret
setting shown in line 35. There should be only one entry forauthenticator.sharedSecret
setting.Save the file and restart the web-gateway service.
...