Openam add aplikasi dashboard

Chapter 11. Configuring the Dashboard Service

https://backstage.forgerock.com/#!/docs/openam/11.0.0/admin-guide/chap-dashboard

This chapter shows how to configure the OpenAM Dashboard.

11.1. About the Dashboard Service

The Dashboard service provides the end user with an interface to access applications secured by OpenAM, both cloud-based applications like SalesForce and internal applications protected by policy agents. The Dashboard service uses SSO to login to the applications when the user clicks on the application icon. For some apps, like SalesForce, you will want to limit access to only a few users. Other apps, like Google Mail or Drive, you will probably want to make available to all users.

The Dashboard service is meant to give users a single place to access their applications. Keep in mind that this does not limit user access, only what appears on the user Dashboard.

There are three stages to setting up the Dashboard service.

• Setup the Dashboard service and add applications.
• Add the service to the realms.
• Assign users applications so that they appear on the users' Dashboards. This can be done manually or through a provisioning solution.

11.2. Setting Up the Dashboard Service

Making some applications universally available ensures that all users have the same basic applications. However, some of your applications should be protected from the majority of your users. You will need to single out which users will include the application on their Dashboard.

There are three default applications in the Dashboard service: Google, SalesForce, and ZenDesk.

Procedure 11.1. To Add Applications from the Dashboard

You can add applications to the Dashboard service with the following steps. All fields except the Dashboard Class name and ICF Identifier are required for the application to work properly from the Dashboard.

1. Login to the OpenAM console as OpenAM Administrator, amadmin.
2. On the Configuration tab > Global > Dashboard click New to add a new application to the Dashboard service and to provide the information needed to connect to the app.
3. Provide a unique name for the application.
4. Add a Dashboard Class Name that identifies how the end user will access the app, such as SAML2ApplicationClass for a SAML 2.0 application.
5. Add a Dashboard Name for the application.
6. Add a Dashboard Display Name. This name is what the end user will see, such as Google.
7. Add the Dashboard Icon you would like the end user to see for the application. Either use a fully-qualified URL or an appropriate relative URL so that the icon is rendered properly on the user Dashboard.
8. Add the Dashboard Login URL to point to the location the end user will go to once they click on the icon.
9. Leave the ICF Identifier blank.
10. Click Add when you are done.

11.3. Configuring Dashboard Service for a Realm

Procedure 11.2. To Add the Application Dashboard Service to a Realm

You must add the Dashboard service to a realm before it will be available. The following instructions show you how to add an application to a single realm. Before you begin, make sure you have the name of the application as it appears on the Secondary Configuration Instance table under Configuration > Global > Dashboard.

1. On the Access Control > Realm Name > Services, click Add....
2. Select the Dashboard service, then click Next.
3. Add or remove the applications you would like to appear on the Dashboard service for the realm.
4. Click Finish when you are done.

11.4. Adding Applications to a User's Dashboard

Procedure 11.3. To Add an Application to a User's Dashboard

Use the following steps to add an application to a user's Dashboard.

1. On the Access Control > Realm Name > Subjects, click the user identifier to edit the user's profile.
2. Under Services, click Dashboard.
3. Add the application beside the user name under the user's Assigned Dashboard list.
4. Click Save.

Procedure 11.4. Removing User Access to an Application

You may need to remove an application from user's Dashboard, but you don't want to entirely delete the user. The following steps walk you through removing an application from a user's Dashboard.

1. On the Access Control > Realm Name > Subjects, click the user identifier to edit the user's profile.
2. Under Services, click Dashboard.
3. Delete the application beside the user name under the user's Assigned Dashboard list.
4. Click Save.