First login with a new user

While the user is recognised by the identity provider, the user is unknown at this point in Edge Flow Manager (EFM). So while the login is successful, the result is an authorization error as the user has no access to anything at this point.

An administrator needs to create an EFM user with a matching identity and grant that user access to an agent class(s).

The following image shows the Administration page after initial admin login:



With the efm.security.user.auth.autoRegisterNewUsers property set to true, after the first login, the EFM user is automatically available in the admin view and policies can be assigned to it, as shown in the following image:


The user rights are assigned to the users based on the configured state when the login happens. This means that if policies are changed by an administrator, a re-login is required to issue a new token based on the new policies. After this, the user has access to filtered data based on the assigned policies. Everything is assigned based on agent class, so if users have no assigned role for a given agent class, they do not see anything related to it.