MATLAB® Production Server™ administrators can use Google® identity provider to configure role-based access control for the MATLAB Production Server Dashboard. Role-based access control allows administrators to grant access to specific areas of the dashboard to certain users or groups of users. For more information about the roles that the dashboard supports, see Dashboard Access Control.
To enable dashboard access control, configure the identity provider and specify access control policies, in consultation with the Google Identity administrator.
To configure Google Identity:
Log in to the dashboard to retrieve the redirect URI of the dashboard.
On the Google Cloud Platform Console, use the redirect URI to register the dashboard as a client application with the provider.
In the dashboard, enter values specific to the registered application and Google Identity.
To retrieve the redirect URI, start creating a configuration for Google Identity in the dashboard:
Navigate to either the Dashboard Access Control tab or the Manage Identity Providers tab.
Click Create and select Google.
In Create Identity Provider for Dashboard Access Control, note the redirect URI of the dashboard.
Later, you return to this view to specify the values required to configure your identify provider in the dashboard.
Use the Google Cloud Console to register a web client application for dashboard access control. Use the redirect URI from the MATLAB Production Server Dashboard when registering the application.
Sign in to the Google Cloud Platform Console and navigate to the Credentials page.
On the Credentials page, click Create credentials and select OAuth client ID.
From Application type drop down, select Web Application.
Enter the name of you client application (for example,
Production Server Dashboard App).
Under Authorized redirect URIs, click Add URI.
Copy the redirect URI from MATLAB Production Server Dashboard and paste it into the URIs field in the Google Cloud Console.
The Google identity provider creates an application with a client ID and client secret. Note the values of the client ID and client secret. You enter these values next in the dashboard.
Enter the noted client ID and client secret values from the previous section in the Client ID and Client Secret fields respectively in MATLAB Production Server dashboard.
Click Create to complete the configuration of the identity provider.
Before you can specify dashboard access control policies, you must have users, and groups, if applicable, set up in Google. Consult the Google identity provider administrator for this setup.
The access control policies define areas of the dashboard that users can access and tasks that they can perform in these areas. Use the policies to assign the manager and application author roles to users in your organization by entering their Google user names.
On the Dashboard Access Control tab of the dashboard, select Google as the identity provider.
In the Dashboard Access Control Policy section, enter Google user names to assign manager and application author roles to users in your organization. Click Save after you enter the values.
After you configure Google Identity and specify access control policies, you must enable dashboard access control by selecting the Yes option. After enabling dashboard access control, a dashboard login URL that supports single sign-on (SSO) becomes available. Share this URL with managers and application authors.