Is it needed to keep the ifsadmin account active in an IFS Cloud installation? After customer has setup users that has admin access, they want to disable it. Do we need to also remove this entry from the yaml file then, or is the account needed from the pods for some reason?
This is a Remote Deployment.
+15
Hi
IFSADMIN is a privileged superuser. As you know, authentication is not tied to WebLogic anymore. Instead, client apps interact with a single container called IFSIAM (IFS Identity and Access Management) to get authenticated. If an issue occurs at the IAM identity provider (Keycloak), you won’t have access to the application until it's fixed. In such a scenario, the IFSADMIN user becomes handy, as it provides a backdoor way to access the application. Do the admin access users have this privilege?
What is the specific privilege the user needs to be granted to have this access?
How is IFSADMIN able to log on if identity provider is not working.
Instead of ADFS, as the user has setup, ifsadmin will login using db credentials?
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
