...
- Access IAM (EWC IAM - Accessing the system - European Weather Cloud Knowledge Base - ECMWF Confluence Wiki)
Go to Clients and click the Create client button. If the application provides a Resource file containing the necessary configuration, you can also try to import it using the Import client link.
Follow the Client creation Wizard. Consult the Keycloak documentation for the recommended values of the available configuration options: https://www.keycloak.org/docs/latest/server_admin/index.html#assembly-managing-clients_server_administration_guide. Below is an example default configuration. You always need to adjust it to the needs of the connected application.
Once the new client is created, in case of OIDC clients go to Credentials, retrieve the client secret and share it together with the Client ID entered in the first step of the wizard with the application owner. Alternatively configure another compatible method of authentication.
In addition to the Client ID and Client secret, the following address contains realm-related settings the connected application might need in order to integrate with the IAM:
OIDC: https://iam.europeanweather.cloud/realms/{tenancy-name}/.well-known/openid-configuration ( {substitute } with the name of your tenancy)
SAML: https://iam.europeanweather.cloud/realms/{tenancy-name}/protocol/saml/descriptor ( {substitute } with the name of your tenancy)