# Datawiza Cloud Management Console (DCMC) Configuration

# Preview

In this section, we will show you how to create an application on the Datawiza Cloud Management Console (DCMC) and generate a pair of PROVISIONING_KEY and PROVISIONING_SECRET for this app. This key pair is used by the Datawiza Access Broker to get the latest configurations and policies from the Datawiza Cloud Management Console.

# Sign Into DCMC

  1. Log into the DCMC.

Log Into DCMC

# Create New Deployment In DCMC

Welcome to the DCMC homepage! Let's get started:

  1. Click the orange button Get started. Specify a Name and a Description, and click Next.

New deployment

# Provisioning Keys

  1. Create your set of provisioning keys. This enables the DCMC to verify the Datawiza Access Broker (DAB)'s authenticity. Specify a Key Name and set the Expires field to be 1 month later.

Provisioning Key

# Add Application

Configure your application with the following values:

  • Platform: Web or API
  • App Name: Demo App
  • Public Domain: http://localhost:9772
  • Listen Port: 9772
  • Upstream Servers: http://host.docker.internal:3001
  • Default Action: Allow
  • Select Create.

Note that upstream sever is the address of the application that you want to enable SSO.

  • If you use the DAB in sidecar mode and your application is running on localhost:3001 on Mac or Windows, then set the upstream server to host.docker.internal:3001 (Docker 18.03+).
  • If your application is running on Linux, use ip addr show docker0 to get docker host IP (e.g., 172.17.0.1) and then set upstream server to 172.17.0.1:3001 (see this for more details).

Create app in DCMC Azure

# IdP Configuration

  1. Choose your Identity Provider from the drop-down menu.
  • Azure AD

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Microsoft Azure AD. Choose Azure IdP Alternatively, you can use One Click Integration to configure the Azure. Choose Azure IdP

  • Okta

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Okta. Choose Okta IdP
Note that the Okta API Token is optional. It can be used to get more info about the user. You can see here for more details.

  • Auth0

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Auth0. Choose Auth0 IdP

  • Keycloak

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Keycloak. Choose Keycloak IdP

  • Google

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Google. Choose Google IdP

  • G Suite

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: G Suite. Choose G Suite IdP

  • Azure AD B2C

Populate the fields of the form with the keys/values obtained from IdP Configuration Guide: Microsoft Azure AD B2C. Choose Azure AD B2C IdP

# Authorizer Configuration

We support two types of API authorization: Basic Auth and JWT

# Basic Auth

For Basic Auth, we support Okta as IdP: Basic Auth

# JWT

For JWT, we support Auth0, Keycloak, Microsoft Azure AD, Microsoft Azure AD B2C, and Okta: JWT

# Resource Path

Define the resource path which you want to be authorized. For the API application, any request access to the path not configured in Resource Path will follow the default action. For the Web application, the request will be redirected to IdP login page.

# Note Down Provisioning Keys

Note down your PROVISIONING_KEY and PROVISIONING_SECRET. We will need these values later when deploying the DAB. Below, you will also find a sample docker-compose file provided for you. Feel free to use this, or if you are looking for Kubernetes-specific instructions, visit Deploy DAB with Kubernetes.

Obtain Provisioning Key

# Summary

We have shown you how to create a deployment and an application on the DCMC and generate a PROVISIONING_KEY and PROVISIONING_SECRET for our app.