Start your 30-day Pentaho Enterprise Evaluation ..

AW Users

Add Adventure Works users ..

Add AW Users

In this hands-on workshop, you'll learn how to create test users in Keycloak to validate your identity federation and community setup between Keycloak and PDC. We'll walk through adding Adventure Works employees across different organizational roles, setting up their credentials, and preparing them for group membership assignment that demonstrates the complete WHO + WHAT identity governance pipeline.

By the end of this workshop, you will be able to:

  • Create enterprise users in Keycloak with proper organizational context

  • Configure user credentials and authentication settings for testing scenarios

  • Understand the difference between test user creation and production directory synchronization

  • Prepare users for group membership assignment and role inheritance testing

  • Establish realistic test scenarios that mirror production organizational structures

  • Validate identity federation workflows with representative user personas

  • Create the foundation for testing data governance access controls

Workshop Test Users: You'll create six key Adventure Works employees representing different organizational functions:

  • Sarah Johnson - Sales Analyst (sales data access testing)

  • Michael Chen - HR Specialist (employee data governance testing)

  • Elena Rodriguez - Data Steward (cross-domain governance testing)

  • David Park - Compliance Officer (regulatory oversight testing)

  • James Lock - System Administrator (full administrative access testing)

  • Hugo Reilly - Database Administrator (data source testing)

AW Organization - Roles

Production Note: In real enterprise environments, these users would automatically synchronize from your corporate directory (Active Directory/LDAP) rather than manual creation, but this workshop demonstrates the complete user lifecycle for testing and validation purposes.

This workshop establishes the user foundation needed to test your complete identity federation setup, ensuring that organizational roles properly translate into data access permissions through the Keycloak-to-PDC integration.

  1. Log into Keycloak:

https://pdc.pentaho.lab/keycloak/adminpdc.pentaho.lab

Username: admin

Password: admin

Ensure you select the Pentaho Data Catalog Realm.

  1. Select: Users > Add User

Add AW Users

  1. Enter the following details to add AW users:

Group
Username
Email
First Name
Last Name
Email Verified

Sales Analyst

sarah.johnson

[email protected]

Sarah

Johnson

ON

HR Specialist

michael.chen

[email protected]

Michael

Chen

ON

Data Steward

elena.rodriguez

[email protected]

Elena

Rodriguez

ON

Compliance Officer

david.park

[email protected]

David

Park

ON

System Administrator

james.lock

[email protected]

James

Lock

ON

Datasource Administrator

hugo.

hugo.reilly

Hugo

Reilly

ON

Create User

  1. Complete the next steps - Credentials & Groups - to complete User profile:

Credentials

Credentials serve as the primary mechanism for verifying user identity. Keycloak supports various credential types (passwords, OTP tokens, certificates, WebAuthn) that ensure only authorized users can access protected resources.

  1. Select: Credentials tab.

  2. Set password Welcome123!

Set password

  1. Ensure Temporary is Off.

Set user password

  1. Save.

Credentials

  1. Test that you can log into Data Catalog.

Log into Data Catalog
Note SJ icon in top right.

All new users will will be assigned the default-roles-pdc role with limited access.

PreviousRole MappersNextCommunities

Last updated

Was this helpful?