Keycloak Setup

Once Forcepoint Support team has finished the final Rancher configuration steps you are now ready to configure access to the DSPM UI using Keycloak.

1. Open a browser and type the following URL to access Keycloak. https://<your_DSPM_IP>/auth/admin/master/console.
2. Enter in the following Username and Password: admin/admin .

   

3. Once you are logged in to Keycloak you are presented with the main page for the Master Realm. From the drop-down menu, select gv.

   

   Note: Do not edit any settings on the Master Realm as this can have severe consequences.
4. Navigate to Configure > Realm settings.
5. From the General tab of the gv realm settings, change the Display name and HTML Display name to your company name and when done click Save.

   

6. From the Settings tab, scroll down to Access settings.
   1. Locate the Valid redirect URLs field and select Add valid redirect URLs link. Enter in the IP address of your DSPM server followed by /*. (e.g. : https://<your_DSPM_IP>/*) This allows Keycloak to redirect back to the DSPM dashboard UI after authenticating.
   2. Locate the Web origins field and select the Add web origins link. Enter in the IP address of your DSPM server. (e.g. https://<your_DSPM_IP>) This allows CORS endpoint calls to Keycloak from the DSPM dashboard.

   

7. Scroll to Log in settings and verify the Log in theme is set to forcepoint-theme.
8. Scroll to Log out settings and locate the Front-channel logout URL field. Change the local host entry to the DSPM IP address. This displays the log in screen instead of the 'You are getting logged out" screen. Click Save when done.

   

   A message appears in the upper right corner indicating the Realm was successfully updated.