Keycloak URL

The default keycloak management URL is : https://<portal>/keycloak

Default user

A default user is created in the hexagon-hpa realm on first installation.

The default credentials are :

• Username : admin
• Password : hexagon

Warning : Change the default password after installation.

Add a local user

Local users are managed directly in Keycloak, without any external identity provider (LDAP or OpenID).

To add a new user :

1. Open the Hexagon-HPA realm
2. Open Users in the left menu
3. Click on Add user

4. Fill in the user information :
   • Username (required)
   • Email
   • First name / Last name
5. Click Create

Set a password for a new user

After creating the user, a password must be set manually :

1. Open the user detail page
2. Go to the Credentials tab
3. Click Set password
4. Enter the password and confirm it
5. Set Temporary to Off to avoid forcing a password change on first login
6. Click Save password

Add admin user

To grant administrator rights to a user, the admin role defined in security.config must be assigned.

By default this role is Admin (variable HPA_ROLE_ADMIN).

1. Open the Hexagon-HPA realm
2. Open Users in the left menu
3. Select the target user
4. Go to the Role mapping tab
5. Click Assign role
6. Filter by Filter by clients and search for the hpa-client client roles
7. Select the Admin role
8. Click Assign

The role name must match the value of HPA_ROLE_ADMIN in security.config.

Change password of a user

1. Open the Hexagon-HPA realm
2. Open Users in the left menu
3. Select the target user
4. Go to the Credentials tab
5. Click Reset password
6. Enter the new password and confirm it
7. Set Temporary to Off if no password change should be forced on next login
8. Click Save password

Remove a local user

1. Open the Hexagon-HPA realm
2. Open Users in the left menu
3. Click Delete user at end of the line menu
4. Confirm the deletion

Warning : Deleting a user is irreversible. The user will immediately lose access to HPA portal and Webview.