Disabling native user login Innovation Release
This documentation covers the current Innovation Release of
EDB Postgres AI. See also:
- Hybrid Manager dual release strategy
- Documentation for the current Long-term support release
Before disabling native user login, confirm that at least one other IdP user has the organization owner role. Assign a new organization owner if you haven't done that yet.
Assign a new organization owner
- Log in at least once to the Hybrid Manager (HM) console as the IdP user that will become the organization owner. This ensures the HM console indexes the new user. Then, log out.
- Log in as the current native owner of HM (for example,
owner@mycompany.com). - From the top-right profile menu, select User management. Verify the user that will become the new owner is in the list.
- Edit the user and assign them the owner role.
Disable native users
Retrieve the current secret content:
kubectl get secret hm-portal-bootstrap -n default -o jsonpath='{.data.static-passwords\.yaml}' | base64 -d > static-passwords.yaml
Edit the
static-passwords.yamlfile and setstaticPasswordsto an empty list:staticPasswords: []
Update the secret with the modified content:
kubectl patch secret hm-portal-bootstrap -n default \ --type merge \ -p "{\"data\":{\"static-passwords.yaml\":\"$(base64 < static-passwords.yaml | tr -d '\n')\"}}"
The secret is automatically replicated to the
upm-dexnamespace, and the Dex deployment automatically restarts to apply the changes.
Native user login is now disabled, but the user account still appears in the User management view. Only users authenticated through the configured IdP can access the HM console.