How to install core ‘identity’ module?
I use this configuration file:
Looks like it is about changing ‘enabled’ true.
# Disable identity as part of the Camunda core
identity:
enabled: false
But it will cast error ‘authIssuerBackendUrl’ (so identity requires keylock or any other auth provider).
My goal is to manage users, groups and roles in Camunda. I do not want keylock and exthernal auth provider - is that possible?
* Set the `IDENTITY_CLIENT_SECRET` [environment variable](https://docs.camunda.io/docs/self-managed/identity/deployment/configuration-variables/) with the value from **Step 9**.
* Set the `KEYCLOAK_REALM` [environment variable](https://docs.camunda.io/docs/self-managed/identity/deployment/configuration-variables/) to the realm you selected in **Step 2**.
Where? For Identity pod?
And statement: Start Identity.
What url?
Honestly, it sounds like you are starting from green-field, so starting from the full (not CORE) Helm chart is going to be your best bet.
I’m not a user of the Helm charts user at the moment, so can’t really point you in a specific direction. I’ve just really read the forum and the documentation pages.
KinD is intended for a development box, so not everything you would expect in a production deployment is included in it – and that included Identity.
There might be a way to install Identity beside the KinD Core install, and configure both to work together, but that’s really a lot more in depth than I can provide input on.
I made it works. But had to define several variables manually. I believe I could have them in config to avoid this work after installation. Anyone could look at it and tell how correct config should be?
I think ‘url’ is not needed, I should add ‘auth-server-url’ probably… etc
So I manage permissions in Identity but create users in Keyloack?
There must be some bug because Identity session in the browser behaves very strangely. It expires for an unknown reason, and refreshing doesn’t help – just a blank page. I have to wait for a while for it to work again. I am looking into this.