Initial admin identities
To be able to register new users and assign roles to them, first you need to set up an initial admin identity. This initial admin has comprehensive access rights and can assign roles and administrative privileges to others as needed. After the initial setup, you can remove this configuration if needed.
efm.security.user.auth.adminIdentitiesA comma separated list of identities needed for initial admins that can configure other user and group access policies in Edge Flow Manager (EFM). For example,
efm.security.user.auth.adminIdentitiesemail@example.com. If admin identities contain special characters such as a comma (,), you can use the following alternative property key format:
- efm.security.user.auth.adminIdentities=CN=admin1, OU=systems, O=cloudera
- efm.security.user.auth.adminIdentities=CN=admin2, OU=systems, O=cloudera
- efm.security.user.auth.adminIdentities[n]=CN=adminN, OU=systems, O=cloudera
Starting EFM with this property and logging in with the predefined identity grants you administrator access.
It controls whether you create each user manually in the Administration page, or the system should do this automatically after the first login attempt for each user. This is a convenience functionality supported by the OIDC and SAML methods.
It indicates that user group management is handled externally by the IdP or LDAP. Its value can be INTERNAL, EXTERNAL, or LDAP. The default value is INTERNAL.
efm.security.user.auth.groups.adminIdentitiesA comma separated list of group names needed for initial admins that can configure other user and group access policies in EFM. If group names contain special characters such as a comma (,), you can use the following alternative property key format: