Table of Contents
This document describes the default networking configuration for IAM Manager
as well as common custom configurations.
By default, IAM Manager starts up without authentication (
and it assumes that the Admin API is available on port 8001 (
of the same host that serves IAM Manager.
Common configurations to enable are
Serving IAM Manager from a dedicated IAM node
When IAM Manager is on a dedicated IAM node, it must make external
calls to the Admin API. Set
admin_api_uri to the location of your Admin API.
Securing IAM Manager through an IAM authentication plugin
When IAM Manager is secured through an authentication plugin and not on
a dedicated node, it makes calls to the Admin API on the same host. By
default, the Admin API listens on ports 8001 and 8444 on
admin_listen if necessary, or set
Securing IAM Manager and serving it from a dedicated node
When IAM Manager is secured and served from a dedicated node, set
admin_api_uri to the location of the Admin API.
The table below summarizes which properties to set (or defaults to verify)
when configuring IAM Manager connectivity to the Admin API.
||admin_gui_auth, enforce_rbac, admin_gui_auth_conf
To enable authentication, configure the following properties:
⚠️ When IAM Manager authentication is enabled, RBAC must be turned on to
enforce authorization rules. Otherwise, whoever can log in to IAM Manager can
perform any operation available on the Admin API.
Configuring IAM Manager to Send Email
A Super Admin can invite other Admins to register in IAM Manager, and Admins
can reset their passwords using “Forgot Password” functionality. Both of these
workflows use email to communicate with the user.
Emails from IAM Manager require the following configuration:
⚠️Important: IAM does not check for the validity of email
addresses set in the configuration. If the SMTP settings are
configured incorrectly, e.g. if they point to a non-existent
email address, IAM Manager will not display an error message.
In addition, refer to the
general SMTP configuration
shared by IAM Manager and Dev Portal.
Next: Workspaces ›