{ "roles": { "realm": [ { "name": "default", "description": "Default role for a new user who is able to access all applications", "composites": { "realm": [ "MMM_user", "RDM_user", "MDM_user", "DQIT_user" ] } }, { "name": "admin", "description": "Admin role able to administer all applications", "composites": { "realm": [ "MMM_admin", "DPP_admin", "RDM_admin", "MDM_admin", "DQIT_supervisor", "DQIT_admin", "CS_admin" ] } }, { "name": "MMM_admin", "description": "Has access to everything and can do everything" }, { "name": "MMM_read-only", "description": "Has access to everything but cannot do anything" }, { "name": "MMM_application-admin", "description": "Can change configuration but have limited access outside configuration; it is superset of MMM_user" }, { "name": "MMM_user", "description": "Has access to everything needed for the application to work correctly" }, { "name": "MMM_data-manager", "description": "Works mainly with catalog and related entities (data sources, rule library, components, lookups)", "composites": { "realm": [ "MMM_user" ] } }, { "name": "MMM_metadata-manager", "description": "Manages metadata", "composites": { "realm": [ "MMM_user" ] } }, { "name": "MMM_data-analyst", "description": "Accesses catalog, glossary and rule library", "composites": { "realm": [ "MMM_user" ] } }, { "name": "MMM_dq-specialist", "description": "Works with monitoring projects and related entities (rule library, components, lookups)", "composites": { "realm": [ "MMM_user" ] } }, { "name": "MMM_data-governor", "description": "Defines policies and regulations", "composites": { "realm": [ "MMM_user" ] } }, { "name": "DPP_admin", "description": "Admin role for DPP grants access to DPM console and monitoring endpoints" }, { "name": "RDM", "description": "RDM role needed to log in" }, { "name": "RDM_user", "description": "RDM Common User", "composites": { "realm": [ "RDM" ] } }, { "name": "RDM_admin", "description": "RDM Administrator (can access Admin Console)", "composites": { "realm": [ "RDM" ] } }, { "name": "MDM_viewer", "description": "MDM Viewer (only browsing)" }, { "name": "MDM_user", "description": "MDM Common User (editor)" }, { "name": "MDM_admin", "description": "MDM Administrator (can do everything)" }, { "name": "DQIT_admin", "description": "DQIT Administrator" }, { "name": "DQIT_supervisor", "description": "DQIT Supervisor" }, { "name": "DQIT_user", "description": "DQIT User" }, { "name": "MMM_export", "description": "Can export all mmm data from application", "composites": { "realm": [ "MMM_user" ] } }, { "name": "ONE_PLATFORM_MONITORING", "description": "Role providing access to Prometheus" }, { "name": "CS_admin", "description": "Admin role for Configuration Service" } ] }, "users": [ { "username": "admin", "firstName": "Admin", "enabled": true, "attributes": { "mdm_workflow": [ "consolidation" ] }, "credentials": [ { "type": "password", "value": "admin" } ], "realmRoles": [ "default", "admin", "MMM_export" ] }, { "username": "jane.smith", "firstName": "Jane", "lastName": "Smith", "email": "Jane.smith@ataccama.com", "enabled": true, "attributes": { "mdm_workflow": [ "consolidation" ] }, "credentials": [ { "type": "password", "value": "jane" } ], "realmRoles": [ "default", "admin" ] }, { "username": "john.taylor", "firstName": "John", "lastName": "Taylor", "email": "John.taylor@ataccama.com", "enabled": true, "attributes": { "mdm_workflow": [ "consolidation" ] }, "credentials": [ { "type": "password", "value": "john" } ], "realmRoles": [ "default", "MMM_metadata-manager" ] }, { "username": "rachel.adams", "firstName": "Rachel", "lastName": "Adams", "email": "Rachel.Adams@ataccama.com", "enabled": true, "attributes": { "mdm_workflow": [ "consolidation" ] }, "credentials": [ { "type": "password", "value": "rachel" } ], "realmRoles": [ "default", "MMM_data-analyst" ] }, { "username": "paul.james", "firstName": "Paul", "lastName": "James", "email": "Paul.James@ataccama.com", "enabled": true, "attributes": { "mdm_workflow": [ "consolidation" ] }, "credentials": [ { "type": "password", "value": "paul" } ], "realmRoles": [ "default", "MMM_data-analyst", "MMM_data-governor" ] }, { "username": "olivia.miller", "firstName": "Olivia", "lastName": "Miller", "email": "olivia.miller@ataccama.com", "enabled": true, "attributes": { "mdm_workflow": [ "consolidation" ] }, "credentials": [ { "type": "password", "value": "olivia" } ], "realmRoles": [ "default" ] }, { "username": "mark.goodwill", "firstName": "Mark", "lastName": "Goodwill", "email": "mark.goodwill@ataccama.com", "enabled": true, "attributes": { "mdm_workflow": [ "consolidation" ] }, "credentials": [ { "type": "password", "value": "mark" } ], "realmRoles": [ "default", "MMM_dq-specialist" ] }, { "username": "james.jones", "firstName": "James", "lastName": "Jones", "email": "james.jones@ataccama.com", "enabled": true, "attributes": { "mdm_workflow": [ "consolidation" ] }, "credentials": [ { "type": "password", "value": "james" } ], "realmRoles": [ "default", "MMM_application-admin" ] }, { "username": "monitoring_user", "enabled": true, "credentials": [ { "type": "password", "value": "monitoring_password" } ], "realmRoles": [ "ONE_PLATFORM_MONITORING" ] }, { "username": "full-access-user", "enabled": true, "emailVerified": true, "email": "full-access-user@ataccama.com", "firstName": "first-name", "lastName": "last-name", "credentials": [ { "type": "password", "value": "full-access-user" } ], "realmRoles": [ "default", "admin" ] }, { "username": "service-account-mmm-admin-client", "enabled": true, "totp": false, "emailVerified": false, "email": "service-account-mmm-admin-client@ataccama.com", "serviceAccountClientId": "mmm-admin-client", "credentials": [], "disableableCredentialTypes": [], "requiredActions": [], "realmRoles": [ "offline_access" ], "clientRoles": { "realm-management": [ "impersonation", "view-realm", "manage-users", "view-users", "manage-realm" ], "account": [ "view-profile", "manage-account" ] }, "notBefore": 0, "groups": [] }, { "username": "service-account-dqit-admin-client", "enabled": true, "totp": false, "emailVerified": false, "email": "service-account-dqit-admin-client@ataccama.com", "serviceAccountClientId": "dqit-admin-client", "credentials": [], "disableableCredentialTypes": [], "requiredActions": [], "realmRoles": [ "offline_access" ], "clientRoles": { "realm-management": [ "impersonation", "view-realm", "manage-users", "view-users", "manage-realm" ], "account": [ "view-profile", "manage-account" ] }, "notBefore": 0, "groups": [] }, { "username": "service-account-rdm-admin-client", "enabled": true, "totp": false, "emailVerified": false, "email": "service-account-rdm-admin-client@ataccama.com", "serviceAccountClientId": "rdm-admin-client", "credentials": [], "disableableCredentialTypes": [], "requiredActions": [], "realmRoles": [ "offline_access" ], "clientRoles": { "realm-management": [ "impersonation", "view-realm", "manage-users", "view-users", "manage-realm" ], "account": [ "view-profile", "manage-account" ] }, "notBefore": 0, "groups": [] }, { "username": "service-account-dpe-admin-client", "enabled": true, "totp": false, "emailVerified": false, "email": "service-account-dpe-admin-client@ataccama.com", "serviceAccountClientId": "dpe-admin-client", "credentials": [], "disableableCredentialTypes": [], "requiredActions": [], "realmRoles": [ "offline_access" ], "clientRoles": { "realm-management": [ "impersonation", "view-realm", "manage-users", "view-users", "manage-realm" ], "account": [ "view-profile", "manage-account" ] }, "notBefore": 0, "groups": [] }, { "username": "service-account-mdm-admin-client", "enabled": true, "totp": false, "emailVerified": false, "email": "service-account-mdm-admin-client@ataccama.com", "serviceAccountClientId": "mdm-admin-client", "credentials": [], "disableableCredentialTypes": [], "requiredActions": [], "realmRoles": [ "offline_access" ], "clientRoles": { "realm-management": [ "impersonation", "view-realm", "manage-users", "view-users", "manage-realm" ], "account": [ "view-profile", "manage-account" ] }, "notBefore": 0, "groups": [] } ], "clients": [ { "clientId": "mmm-admin-client", "standardFlowEnabled": false, "directAccessGrantsEnabled": true, "serviceAccountsEnabled": true, "publicClient": false, "enabled": true, "secret": "mmm-admin-client-s3cret", "protocol": "openid-connect" }, { "clientId": "rdm-admin-client", "standardFlowEnabled": false, "directAccessGrantsEnabled": true, "serviceAccountsEnabled": true, "publicClient": false, "enabled": true, "secret": "rdm-admin-client-s3cret", "protocol": "openid-connect" }, { "clientId": "dpe-admin-client", "standardFlowEnabled": false, "directAccessGrantsEnabled": true, "serviceAccountsEnabled": true, "publicClient": false, "enabled": true, "secret": "dpe-admin-client-s3cret", "protocol": "openid-connect" }, { "clientId": "rdm-token-client", "bearerOnly": false, "publicClient": false, "standardFlowEnabled": true, "directAccessGrantsEnabled": true, "enabled": true, "secret": "rdm-token-client-s3cret", "redirectUris": [ "https:///*" ], "protocol": "openid-connect" }, { "clientId": "mdm-admin-client", "standardFlowEnabled": false, "directAccessGrantsEnabled": true, "serviceAccountsEnabled": true, "publicClient": false, "enabled": true, "secret": "mdm-admin-client-s3cret", "protocol": "openid-connect" }, { "clientId": "mdm-token-client", "bearerOnly": false, "publicClient": false, "standardFlowEnabled": true, "directAccessGrantsEnabled": true, "enabled": true, "secret": "mdm-token-client-s3cret", "redirectUris": [ "https:///*" ], "protocol": "openid-connect" }, { "clientId": "mmm-token-client", "bearerOnly": false, "publicClient": false, "standardFlowEnabled": false, "directAccessGrantsEnabled": true, "enabled": true, "secret": "mmm-token-client-s3cret", "redirectUris": [ "*" ], "webOrigins": [ "" ], "protocol": "openid-connect" }, { "clientId": "dpm-token-client", "bearerOnly": false, "publicClient": false, "standardFlowEnabled": false, "directAccessGrantsEnabled": true, "enabled": true, "secret": "dpm-token-client-s3cret", "redirectUris": [ "*" ], "webOrigins": [ "" ], "protocol": "openid-connect" }, { "clientId": "dpe-token-client", "bearerOnly": false, "publicClient": false, "standardFlowEnabled": false, "directAccessGrantsEnabled": true, "enabled": true, "secret": "dpe-token-client-s3cret", "redirectUris": [ "*" ], "webOrigins": [ "" ], "protocol": "openid-connect" }, { "clientId": "ai-core-token-client", "bearerOnly": false, "publicClient": false, "standardFlowEnabled": false, "directAccessGrantsEnabled": true, "enabled": true, "secret": "ai-core-token-client-s3cret", "redirectUris": [ "*" ], "webOrigins": [ "" ], "protocol": "openid-connect" }, { "clientId": "one-webapp-token-client", "bearerOnly": false, "publicClient": false, "standardFlowEnabled": false, "directAccessGrantsEnabled": true, "enabled": true, "secret": "one-webapp-token-client-s3cret", "redirectUris": [ "*" ], "webOrigins": [ "" ], "protocol": "openid-connect" }, { "clientId": "cs-token-client", "bearerOnly": false, "publicClient": false, "standardFlowEnabled": false, "directAccessGrantsEnabled": true, "enabled": true, "secret": "cs-token-client-s3cret", "redirectUris": [ "*" ], "webOrigins": [ "" ], "protocol": "openid-connect" }, { "clientId": "audit-token-client", "bearerOnly": false, "publicClient": false, "standardFlowEnabled": false, "directAccessGrantsEnabled": true, "enabled": true, "secret": "audit-token-client-s3cret", "redirectUris": [ "*" ], "webOrigins": [ "*" ], "protocol": "openid-connect" }, { "clientId": "one-desktop-browser-client", "standardFlowEnabled": true, "directAccessGrantsEnabled": false, "publicClient": true, "enabled": true, "protocol": "openid-connect", "attributes": { "pkce.code.challenge.method": "S256" }, "redirectUris": [ "http://127.0.0.1:*" ] }, { "clientId": "cs-webapp-public-client", "name": "Configuration Service Auth Client", "enabled": true, "redirectUris": [ "https:///*" ], "bearerOnly": false, "consentRequired": false, "standardFlowEnabled": true, "implicitFlowEnabled": false, "directAccessGrantsEnabled": false, "serviceAccountsEnabled": false, "publicClient": true, "frontchannelLogout": false, "protocol": "openid-connect" }, { "clientId": "dpm-webapp-public-client", "name": "DPM Admin Console Auth Client", "enabled": true, "redirectUris": [ "https:///*" ], "bearerOnly": false, "consentRequired": false, "standardFlowEnabled": true, "implicitFlowEnabled": false, "directAccessGrantsEnabled": false, "serviceAccountsEnabled": false, "publicClient": true, "frontchannelLogout": false, "protocol": "openid-connect" }, { "clientId": "one-desktop-public-client", "name": "Desktop Auth Client", "enabled": true, "bearerOnly": false, "consentRequired": false, "standardFlowEnabled": false, "implicitFlowEnabled": false, "directAccessGrantsEnabled": true, "serviceAccountsEnabled": false, "publicClient": true, "frontchannelLogout": false, "protocol": "openid-connect" }, { "clientId": "one-webapp-public-client", "name": "Browser Auth Client", "enabled": true, "redirectUris": [ "https:///*" ], "bearerOnly": false, "consentRequired": false, "standardFlowEnabled": true, "implicitFlowEnabled": false, "directAccessGrantsEnabled": false, "serviceAccountsEnabled": false, "publicClient": true, "frontchannelLogout": false, "protocol": "openid-connect" }, { "clientId": "rdm-webapp-public-client", "name": "RDM Webapp Auth Client", "enabled": true, "redirectUris": [ "https:///*" ], "bearerOnly": false, "consentRequired": false, "standardFlowEnabled": true, "implicitFlowEnabled": false, "directAccessGrantsEnabled": false, "serviceAccountsEnabled": false, "publicClient": true, "frontchannelLogout": false, "protocol": "openid-connect" }, { "clientId": "mdm-webapp-public-client", "name": "MDM Webapp Auth Client", "enabled": true, "redirectUris": [ "https:///*" ], "bearerOnly": false, "consentRequired": false, "standardFlowEnabled": true, "implicitFlowEnabled": false, "directAccessGrantsEnabled": false, "serviceAccountsEnabled": false, "publicClient": true, "frontchannelLogout": false, "protocol": "openid-connect" }, { "clientId": "dqit-admin-client", "standardFlowEnabled": false, "directAccessGrantsEnabled": true, "serviceAccountsEnabled": true, "publicClient": false, "enabled": true, "secret": "dqit-admin-client-s3cret", "protocol": "openid-connect" }, { "clientId": "dqit-steps-token-client", "bearerOnly": false, "publicClient": false, "directAccessGrantsEnabled": true, "standardFlowEnabled": false, "enabled": true, "secret": "dqit-steps-token-client-s3cret", "redirectUris": [ "https:///dqit/remote/*" ], "protocol": "openid-connect" }, { "clientId": "dqit-webapp-token-client", "enabled": true, "secret": "dqit-webapp-token-client-s3cret", "redirectUris": [ "https:///dqit/*", "http:///dqit/*", "https:///*" ], "bearerOnly": false, "publicClient": false, "protocol": "openid-connect", "directAccessGrantsEnabled": true } ], "defaultRoles": [ "default" ], "realm": "ataccamaone", "displayName": "Ataccama | ONE", "sslRequired": "none", "enabled": true, "loginTheme": "ataccamaone" }