You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/energy-data-services/how-to-manage-users.md
+10-8Lines changed: 10 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -73,7 +73,7 @@ A `client-secret` is a string value your app can use in place of a certificate t
73
73
:::image type="content" source="media/how-to-manage-users/data-partition-id-second-option.png" alt-text="Screenshot of finding the data-partition-id from the Azure Data Manager for Energy instance overview page.":::
74
74
75
75
:::image type="content" source="media/how-to-manage-users/data-partition-id-second-option-step-2.png" alt-text="Screenshot of finding the data-partition-id from the Azure Data Manager for Energy instance overview page with the data partitions.":::
76
-
## Generate service principal access token
76
+
## Generate client-id access token
77
77
78
78
1. Run the below curl command in Azure Cloud Bash after replacing the placeholder values with the corresponding values found earlier in the above steps.
79
79
@@ -112,13 +112,15 @@ curl --location --request POST 'https://login.microsoftonline.com/<tenant-id>/oa
112
112
:::image type="content" source="media/how-to-manage-users/profile-object-id.png" alt-text="Screenshot of finding the object-id from the profile.":::
113
113
114
114
## First time addition of users in a new data partition
115
-
1. In order to add entitlements to a new data partition of Azure Data Manager for Energy instance, use the access token of the app that was used to provision the instance.
116
-
2. Get the service principal access token using [Generate service principal access token](how-to-manage-users.md#generate-service-principal-access-token).
117
-
3. If you try to directly use user tokens for adding entitlements, it results in 401 error. The service principal access token must be used to add initial users in the system and those users (with admin access) can then manage more users.
118
-
4. Use the service principal access token to do these three steps using the commands outlined in the following sections.
119
-
1. Add the users to the `users@<data-partition-id>.<domain>` OSDU group.
120
-
1. Get the OSDU group such as `service.legal.editor@<data-partition-id>.<domain>` you want to add the user to.
121
-
1. Add the users to that group.
115
+
1. In order to add first admin to a new data partition of Azure Data Manager for Energy instance, use the access token of the `client-id` that was used to provision the instance.
116
+
2. Get the `client-id` access token using [Generate client-id access token](how-to-manage-users.md#generate-client-id-access-token).
117
+
3. If you try to directly use your own access token for adding entitlements, it results in 401 error. The client-id access token must be used to add first set of users in the system and those users (with admin access) can then manage more users with their own access token.
118
+
4. Use the client-id access token to do these three steps using the commands outlined in the following sections:
119
+
1. Add the user to the `users@<data-partition-id>.<domain>` OSDU group.
120
+
2. Add the user to the `users.datalake.ops@<data-partition-id>.<domain>` OSDU group.
121
+
5. The user becomes the admin of the data partion. The admin can then add or remove more users to the required entitlement groups:
122
+
1. Get the OSDU group such as `service.legal.editor@<data-partition-id>.<domain>` you want to add more users to using the admin's access token.
123
+
2. Add more users to that OSDU group using the admin's access token.
122
124
123
125
## Get the list of all available groups in a data partition
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments