I logged in to Keycloak with the default admin and password and created a user with global_admin role.
However, when I try to login to Admin module, I cant login using the account of the recently created user with global_admin role.
Any ideas? I deleted/re-installed/restarted the Admin module using kubectl. No errors visible on Rancher.
We have this feature,
Above feature is only for the 1st user login to admin-portal (i.e No user-zone mapping entry exists in DB).
With the error attached, seems like there are already users mapped to the zone in the DB.
could you please share the number of entries present in zone_user table in mosip_master DB?
@Anusha_sunkadh Thank you for your reply.
Here is the entry in mosip_master DB:
mosip_master=# SELECT * FROM zone_user;
zone_code | usr_id | lang_code | is_active | cr_by | cr_dtimes | upd_by | upd_dtimes | is_deleted | del_dtime
MOR | globaladmin | eng | t | admin | 2023-03-24 08:08:36.943408 | | | f |
MOR | service-account-mosip-resident-client | eng | t | admin | 2023-03-24 08:08:36.943408 | | | f |
Ok so this explains, you already have a global admin registered and assigned to “MOR” zone (1st entry in DB).
Login to admin portal as “globaladmin” user and follow the steps provided in the below document.
Thank you @Anusha_sunkadh it is working now.
I have to add the user “globaladmin” in keycloak and set it as global_admin and then create a password for it.
As it was explained in the Admin Module Readme
My mistake was to create a user with different username and set that as global_admin.
I got confused, because this first step of logging in. using the default username globaladmin created in keycloak with global_admin role. was not discussed in the Admin Portal User Guide.
Anyway, consider this issue closed. Thank you so much.
Using user globaladmin with the GLOBAL_ADMIN role works. But the recommendation to create another user with GLOBAL_ADMIN role does not work. It produces the error previously stated:
Entity for user ID specified Not Found.
This also happens when creating users with ZONAL_ADMIN role. So for now, I am stuck with using the default user globaladmin.
Creating users with different roles as long as it is not GLOBAL_ADMIN and/or ZONAL_ADMIN works.
Please check this video, it is the same steps that must be followed to create a user with any role.
@Anusha_sunkadh Thank you very much!