Page History

...

The following integration levels are available from identity service types Identity Service Types that can be used with Vault:

Identity Service				Identity Service Configuration Items		JOC Cockpit Configuration
Service Type	Built-in	User Accounts/Passwords stored with	User Accounts/Passwords managed by	Roles/Permissions stored with	Roles->User Accounts Mapping managed with	Roles Mapping
`VAULT`	no	Vault Server	Vault Server	JS7 Database	Vault Server	Mapping of Vault Policies to JOC Cockpit Roles
`VAULT-JOC`	no	Vault Server	Vault Server	JS7 Database	JOC Cockpit	Mapping of user accounts and roles with JOC Cockpit
`VAULT-JOC-ACTIVE`	no	Vault Server	Vault Server / JOC Cockpit	JS7 Database	JOC Cockpit	Mapping of user accounts and roles with JOC Cockpit

Explanation:

Service Type: VAULT
- Management of user accounts and passwords is performed with the Vault Server.
- In addition, an automated mapping of policies - assigned a user account in Vault - to JOC Cockpit roles takes place.
- JOC Cockpit does not know any user accounts, passwords an role assignments as this information is managed with Vault only.
Service Type: VAULT-JOC
- Management of user accounts and passwords is performed with the Vault Server.
- The assignment of roles to user accounts is performed with JOC Cockpit and is stored with the JS7 database.
- JOC Cockpit knows user accounts and role assignments. JOC Cockpit does not know passwords as this information is managed with Vault only
Service Type: VAULT-JOC-ACTIVE
- Management of user accounts and passwords is performed with JOC Cockpit. JOC Cockpit forwards user accounts and passwords to the Vault Server. JOC Cockpit stores users accounts (not: passwords) in the JS7 database.
- The assignment of roles to user accounts is performed with JOC Cockpit and is stored with the JS7 database.
- JOC Cockpit knows user accounts and role assignments. JOC Cockpit temporarily knows passwords until this information is forwarded to Vault.

...

Space shortcuts