See the topics given below to understand user management in the Micro Integrator.
User credentials in the MI¶
WSO2 Micro Integrator requires user credentials for authentication and authorization purposes:
Authentication for internal APIs
Users accessing the management API and related tools (Micro Integrator dashboard/Micro Integrator CLI) for administration tasks should be authenticated.
Authentication for integration use cases
Some integration use cases require authentication by dynamic username token and similar WS-Security options. If you already have an external RDBMS or LDAP user store with predefined roles, you can have role-based authentication for your WS-Security user cases.
User authentication is also required for securing REST API artifacts.
Authorization for internal APIs
Certain resources of the management API are protected by authorization. Therefore, users should be granted admin privileges to operate those resources.
Micro Integrator users with admin privileges can manage other users in an LDAP or RDBMS user store that is connected to the Micro Integrator server. These user management tasks include viewing, adding, and removing users.
Admin users can basically access any resource (of the Micro Integrator's management API) that has authorization privileges enabled. By default, only the
users resource of the management API allows authorization, which allows an admin to perform user management.
Read more about about authorization in the management API.
If a user with admin privileges does not exist in your user store, the admin credentials will be created when you invoke the Micro Integrator's management API for the first time. That is, when you log in to the Micro Integrator server from the CLI tool/dashboard, or directly invoke the management API, the user credentials you use will get stored in the user store and admin privileges will be assigned.
An existing admin user can log in to the Micro Integrator server from the CLI tool or the dashboard to add new users with admin privileges. An admin user can only be removed by the creator.
Users that do not have admin privileges can access the management API, the CLI, and the dashboard to view and monitor integration artifacts and logs.
Managing users from the CLI¶
You can use the WSO2 API Controller (APICTL) to view details of users, add new users, and remove users from the user store.
For more information, see Manage Users
Managing users from the Dashboard¶
See the Micro Integrator Dashboard documentation to set up the dashboard. Be sure to log in to the Micro Integrator server (from the dashboard) with your admin user name and password.
Select Users in the left-hand navigator to view the list of existing users.
Click Add User to create new users. Note that you can assign admin privileges during user creation.