Configuration
18.14.2. Configuration of Realm Administration

This configuration uses the newly introduced context data item realm. It is possible to choose a different context data item (e.g. company) to achieve the same result.

Configuration of the realm feature

  • Prerequisites
  • The choice, which context data item will hold the realm value must have been made.
  • The database schema of IAM 7.4 or later is required if the realm attribute is to be used.
  • This feature requires the license tag: RealmAdministration
  • Instruction
  • 1.
    Go to:
    Adminapp >> Advanced Settings
  • 2.
    Create a Realm Administration plugin.
  • 3.
    In the Realm Administration plugin:
    Create an Admin Realm Context Data Name and assign an identifier to it to reference it again later on.
  • 4.
    In the Admin Realm Context Data Name:
    Configure the name of the administrator's context data item holding the realm value.
  • 5.
    In the Realm Administration plugin:
    Create a User Realm Context Data Name and assign an identifier to it to reference it again later on.
  • 6.
    In the User Realm Context Data Name:
    Configure the name of the user's context data item holding the realm value.
  • This enables IAM to use the realm administration feature.

Configuration of the Realm Attribute

  • Prerequisites
  • The context data item chosen to hold the realm value for users must exist in the database schema for end-users.
  • The context data item chosen to hold the realm value for administrators must exist in the database schema for administrators.
  • Instruction part 1– User Data Source and Admin Persister
  • 1.
    Go to:
    Adminapp >> Users >> User Data Source >> User Store >> Database User Persister
  • 2.
    In Context Data Columns:
    Create a String Context Data Item and reference the previously created Context Data Name for end-users.
  • 3.
    Go to:
    Adminapp >> Administrators >> Administrator Management >> Admin Persister
  • 4.
    In Context Data Columns:
    Create a String Context Data Item and reference the previously created Context Data Name for end-users to the realm administrator.
  • The realm attribute is now available for both end-users and realm administrator.
  • Instruction part 2 – User Context Data Attribute for the realm
  • 1.
    Go to:
    Adminapp >> Users >> Columns In User List
  • 2.
    Create a String User Profile Item with:
    • a)
      Identifier – Set Realm Admintool Label.
    • b)
      String Resource Key - Set the identifier for the language-specific string tables
    • c)
      Property Name – Set the user's realm context data attribute
    • d)
      Optional – Not set, because the realm attribute is mandatory.
    • e)
      Modifiable – Not set, because the realm attribute cannot be changed.
    • f)
      Prefill – Create a Realm Value Provider plugin with the value @realm@.
  • 3.
    Go to:
    Adminapp >> Users >> Rows On User Detail Page
  • 4.
    Add the previously created String User Profile Item Realm Admintool Label.
  • The realm attribute is now visible in the user list, the user detail page and in the user create dialog. The realm attribute will be prefilled with the realm value.
  • Instruction part 3 – Username prefixed with the realm value (optional)
  • These steps are optional and only required if the username should be prefixed with the realm value.

  • 1.
    Go to:
    Adminapp >> Users >> Username Prefill
  • 2.
    Create a Realm Value Provider plugin with the necessary prefill pattern.
  • 3.
    Go to:
    Adminapp >> Users >> Username Validator
  • 4.
    Create a Realm Username Validator plugin.
  • The username will now be prefilled with the realm value and it will be validated.

Admin Context Data Attribute for Realm

  • Instruction
  • 1.
    Go to:
    Adminapp >> Administrators >> Administrators Management >> Columns in Admin List
  • 2.
    Create a String User Profile Item with:
    • a)
      Identifier – Set Realm Admintool Label to ADMIN
    • b)
      Property Name – Set the admin's realm context data attribute.
    • c)
      Optional – Set enabled (the realm attribute is optional).
    • d)
      Modifiable – Set enabled, to make the realm attribute changeable.
  • 3.
    Go to:
    Adminapp >> Administrators >> Administrators Management >> Rows on Admin Detail Page
  • 4.
    Add the String User Profile Item Realm Admintool Label ADMIN.
  • The realm attribute is now visible in the realm administrator's list, administrator detail page and the administrator create dialog.