You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Fleet admin can create a new silo, a user in it, and grant silo admin IAM role to that user. But the user cannot log in the console or use API (because the person needs a device token) until there is a valid TLS certificate for the silo.
Fleet admin should probably have the ability to hit the silo certificate API endpoint to upload the first TLS certificate.
Another minor inconvenience is fleet admin not being able to list silo users (this is by design to restrict what fleet admin can see). The fleet admin will have to capture the user uuid returned from the "create local idp user" API call. Without the uuid, admin cannot invoke the "update silo policy" as it takes only uuid for "identity_id". Ideally, if it can take a username/login, the fleet admin will be able to use that API more easily.
The text was updated successfully, but these errors were encountered:
Fleet admin can create a new silo, a user in it, and grant silo admin IAM role to that user. But the user cannot log in the console or use API (because the person needs a device token) until there is a valid TLS certificate for the silo.
Fleet admin should probably have the ability to hit the silo certificate API endpoint to upload the first TLS certificate.
Another minor inconvenience is fleet admin not being able to list silo users (this is by design to restrict what fleet admin can see). The fleet admin will have to capture the user uuid returned from the "create local idp user" API call. Without the uuid, admin cannot invoke the "update silo policy" as it takes only uuid for "identity_id". Ideally, if it can take a username/login, the fleet admin will be able to use that API more easily.
The text was updated successfully, but these errors were encountered: