# Datawiza Cloud Management Console (DCMC) Configuration

# Preview

In this section, we will show you how to create an application on the Datawiza Cloud Management Console (DCMC) and generate a pair of PROVISIONING_KEY and PROVISIONING_SECRET for this app. This key pair is used by the Datawiza Access Broker to get the latest configurations and policies from the Datawiza Cloud Management Console.

# Sign Into DCMC

Log into the DCMC.

Log Into DCMC

# Create New Deployment In DCMC

Welcome to the DCMC homepage! Let's get started:

Click the orange button Get started. Specify a Name and a Description, and click Next.

New deployment

# Provisioning Keys

Create your set of provisioning keys. This enables the DCMC to verify the Datawiza Access Broker (DAB)'s authenticity. Specify a Key Name and set the Expires field to be 1 month later.

Provisioning Key

# Add Application

Configure your application with the following values:

Platform: Web or API
App Name: Demo App
Public Domain: http://localhost:9772
Listen Port: 9772
Upstream Servers: http://host.docker.internal:3001
Default Action: Allow
- Visit Step5: Granular Access Control to learn more about the Default Action configuration option.
Select Create.

Note that upstream sever is the address of the application that you want to enable SSO.

If you use the DAB in sidecar mode and your application is running on localhost:3001 on Mac or Windows, then set the upstream server to host.docker.internal:3001 (Docker 18.03+).
If your application is running on Linux, use ip addr show docker0 to get docker host IP (e.g., 172.17.0.1) and then set upstream server to 172.17.0.1:3001 (see this for more details).

Create app in DCMC Azure

# IdP Configuration

Choose your Identity Provider from the drop-down menu.

Azure AD

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Microsoft Azure AD. Alternatively, you can use One Click Integration to configure the Azure.

Okta

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Okta.
Note that the Okta API Token is optional. It can be used to get more info about the user. You can see here for more details.

Auth0

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Auth0.

Keycloak

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Keycloak.

Google

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Google.

G Suite

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: G Suite.

Azure AD B2C

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Microsoft Azure AD B2C.

# Authorizer Configuration

We support two types of API authorization: Basic Auth and JWT

# Basic Auth

For Basic Auth, we support Okta as IdP:

# JWT

For JWT, we support Auth0, Keycloak, Microsoft Azure AD, Microsoft Azure AD B2C, and Okta: JWT

# Resource Path

Define the resource path which you want to be authorized. For the API application, any request access to the path not configured in Resource Path will follow the default action. For the Web application, the request will be redirected to IdP login page.

# Note Down Provisioning Keys

Note down your PROVISIONING_KEY and PROVISIONING_SECRET. We will need these values later when deploying the DAB. Below, you will also find a sample docker-compose file provided for you. Feel free to use this, or if you are looking for Kubernetes-specific instructions, visit Deploy DAB with Kubernetes.

Obtain Provisioning Key

# Summary

We have shown you how to create a deployment and an application on the DCMC and generate a PROVISIONING_KEY and PROVISIONING_SECRET for our app.

← 1: Configure an IdP 3: Deploy Datawiza Access Broker With Your App →