Manage users
When you deploy and host MOSTLY AI for your organization, you can manage access to MOSTLY AI with the Keycloak and Access Management services.
Manage users
Follow the steps below to manually add users:
Steps
-
Navigate to Keycloack by appending
/authto your MOSTLY AI platform URL, for example:https://mostlyai.mycompany.com/auth. -
Login with the Admin credentials created during installation.
-
If you have deployed a Docker-based version of MOSTLY AI, you can find these credentials in the
docker-compose.ymlfile located in the/opt/mostly-ai/etc/directory. The credentials are stored in theKEYCLOAK_USERandKEYCLOAK_PASSWORDfields.mostly-keycloak: image: mostlyai/mostly-keycloak:latest container_name: mostly-keycloak hostname: mostly-keycloak depends_on: - mostly-keycloak-postgres environment: - VIRTUAL_HOST=login.${MOSTLY_GENERATE_DOMAIN} # login.mostly.mycompany.com - VIRTUAL_PORT=${MOSTLY_GENERATE_PORT} # 8080 - LETSENCRYPT_HOST=login.${MOSTLY_GENERATE_DOMAIN} # login.mostly.mycompany.com - KEYCLOAK_USER=admin # admin - KEYCLOAK_PASSWORD=adminpassword123456789 # adminpassword123456789 - DB_VENDOR=postgres # postgres - DB_ADDR=mostly-keycloak-postgres # mostly-keycloak-postgres - DB_PORT=5432 # 5432 - DB_DATABASE=mostly_keycloak # mostly_keycloak - DB_USER=mostly_keycloak # mostly_keycloak - DB_PASSWORD=mostly_keycloak # mostly_keycloak - PROXY_ADDRESS_FORWARDING=true - X509_CA_BUNDLE=/opt/mostly-keycloak-setup/enterprise_mostlylab.crt -
For Kubernetes or OpenShift deployments of MOSTLY AI, credentials are base64 encoded in:
KEYCLOAK_USER: admin KEYCLOAK_PASSWORD: adminpassword123456789
-
-
Click Manage realms and select
mostly-generate. -
Click Users in the left-side navigation menu.
-
Click Add user.
-
Complete the information for the new user such as Email, First Name, and Last Name.
-
Click Save to complete the user creation process.
-
You are redirected to the user profile page. Open the Credentials tab to set a password for this user account.
-
Enter a new, secure password in the Password and Password confirmation fields.
-
Click Set password to complete the process.
Integrate Keycloak with Active Directory
Follow these steps to integrate Keycloak with your organizational Active Directory:
Steps
-
Navigate to Keycloack by appending
/authto your MOSTLY AI platform URL, for example:https://mostlyai.mycompany.com/auth. -
Login with the Admin credentials created during installation.
- If you have deployed a Docker-based version of MOSTLY AI, you can find these credentials in the
docker-compose.ymlfile located in the/opt/mostly-ai/etc/directory. The credentials are stored in theKEYCLOAK_USERandKEYCLOAK_PASSWORDfields.mostly-keycloak: image: mostlyai/mostly-keycloak:latest container_name: mostly-keycloak hostname: mostly-keycloak depends_on: - mostly-keycloak-postgres environment: - VIRTUAL_HOST=login.${MOSTLY_GENERATE_DOMAIN} # login.mostly.mycompany.com - VIRTUAL_PORT=${MOSTLY_GENERATE_PORT} # 8080 - LETSENCRYPT_HOST=login.${MOSTLY_GENERATE_DOMAIN} # login.mostly.mycompany.com - KEYCLOAK_USER=admin # admin - KEYCLOAK_PASSWORD=adminpassword123456789 # adminpassword123456789 - DB_VENDOR=postgres # postgres - DB_ADDR=mostly-keycloak-postgres # mostly-keycloak-postgres - DB_PORT=5432 # 5432 - DB_DATABASE=mostly_keycloak # mostly_keycloak - DB_USER=mostly_keycloak # mostly_keycloak - DB_PASSWORD=mostly_keycloak # mostly_keycloak - PROXY_ADDRESS_FORWARDING=true - X509_CA_BUNDLE=/opt/mostly-keycloak-setup/enterprise_mostlylab.crt - For Kubernetes or OpenShift deployments of MOSTLY AI, credentials are base64 encoded in:
KEYCLOAK_USER: admin KEYCLOAK_PASSWORD: adminpassword123456789
- If you have deployed a Docker-based version of MOSTLY AI, you can find these credentials in the
-
Click Manage realms and select
mostly-generate. -
Click User Federation in the left-side navigaton menu.
-
Select Add LDAP provider.
-
Complete the fields on the Add LDAP provier page. Each field is described in the Keycloak UI.
-
Click Save to complete the process.