Hello,
I see, thanks for explanation.
Actually, there is no special intention to change the isAdmin outside the JSReport Studio.
I just was long fight to understand the issue with 401 Error during user patch API call.
After removing the keys one by one i have found the root of issue - isAdmin flag.
Looks like this limitation didn't described in documentation, isn't it?
Hi there,
There is a question regarding the user management API.
We have application where Keycloak used as authorization server to provide access to JSreport server using SSO.
We would like to allow administrators of our system also manage the user access to JS report servers used to generate documents.
Everything is working fine (creating and aasignment readAll/editAll permissisons) but assignments of IsAdmin alwais returned 401 Error (Unauthorized Access)
Also in JSReport Studio regular SSO user can't find Admin check box in groups properties.
Latest 4.11.0 JSreport servers used in on-premise environment.
Here i've found 4-years old mention that assignment of administrative right allowed only to admin login wich is impossible in SSO scheme.
*It seems the default admin user (configured through extensions.authentication.admin) is the only user who can add and delete users. Since we work in a team it would mean having to share this admin user's credentials across the team, which is considered a bad security practice. Is there a way to define multiple admin users?
I'm pretty sure this last one is not possible but decided to write it down anyways, so it can maybe be considered as a feature request
you are right, this is not possible, the admin user is still considered a special entity that has master privileges for things like user management. I am opening an issue also for this so we can discuss it and plan it.*
[https://forum.jsreport.net/topic/2275/several-questions-for-setting-up-sso-with-authorization-server/4](link url)
Is still this approach true?
Or have I play with group mapping between Keycloak and JSreport?
Is there more clear description of group mapping?
Thanks in advance.