Administrator Access
A Syndeia Cloud installation allows offers at least one super-user administrator account.
The initial setting for the administrator account is name: super.user
and password: syn45ia
To prevent accidental system lock-outs, the designated super user account cannot be deleted.
To change who the designated super user is, edit the web-gateway service's application.conf
file and alter (or add a) super.user.email = "super.user@intercax.com"
line, ex: super.user.email = "mySuperUserAccountname"
.
We strongly recommend changing the username and password from the default.
Advanced Authentication Methods
Syndeia Cloud (SC) currently supports 3 different types of authentication mechanisms:
Local Authentication : best for small-size organizations that do not have a central directory service (supported automatically out-of-the-box and required for administrative operations)
LDAP Authentication : best for medium-size organizations that (typically) have an internal-only directory service
SAML2 Authentication : best for large-size organizations that have multiple web-based applications needing centralized control over more sophisticated authentication methods (typically supporting 2-Factor Authentication (2FA) / Multi-factor Authentication (MFA), Common Access Control (CAC) cards, SMS, etc. ) and authorization control
A SC administrator should select an authentication mechanism based on their organizational requirements and review the relevant configuration pages below for further steps:
Managing Users
A typical Syndeia Cloud deployment will most likely have application users beyond just the super.user
. Take this time to go through the provisioning process for those users. Depending on the Authentication Method chosen, the steps differ slightly. For any of the methods below, please see the User Management - Web Dashboard page to perform these operations:
Local Authentication : Create accounts individually in the Web Dashboard’s User Management page
LDAP Authentication : Once SC has had LDAP successfully configured, you can either:
A: invite those users to login to SC. Once the user has logged in for the first time, an LDAP profile will be auto-created for them and the user will appear in the Web Dashboard. You can then go and modify their permissions from the default Read-only permissions.
B: Pre-create those users using their email addresses in the Web Dashboard.
SAML2 Authentication : Once SC has had SAML successfully configured, you can either:
A: invite those users to login to SC. Once the user has logged in for the first time, a SAML2 profile will be auto-created for them and the user will appear in the Web Dashboard. You can then go and modify their permissions from the default Read-only permissions.
B: Pre-create those users using their email addresses in the Web Dashboard.
Note, there is currently no bulk user creation operation in SC (this is currently being implemented), however it is possible to bulk modify user permissions
Repository Configuration
A deployed Syndeia Cloud application provides the most benefit when linked to the various supported external Repository types, ex: Aras Innovator, Atlassian Bitbucket/Confluence/JIRA, jFrog Artifactory, GitHub, etc. A super.user
by default has the REPOSITORY_CREATE
permission to add/define external Repositories. However, depending on who is an administrator for that external repository, you may or may not have access to add them.
If you do have credentials, please add them in the Web Dashboard by following the steps provided at Repositories - Web Dashboard
If you do NOT have credentials, please invite a user or admin of the relevant administrator to login to add the external repository.