Define the MATRIXX Backoffice Customer Tool Users

Access to MATRIXX Backoffice Customer Tool is restricted by the matrixxbct_users.yaml file. Users must be defined in this file before they can access MATRIXX Backoffice Customer Tool. For information about defining users when using a third-party identity and access management application, see the discussion about OAuth 2.0 identity and access management.

Before you begin

Define the location of the MATRIXX Backoffice Customer Tool in /etc/default/mtx_matrixxbct. For example, -Dmatrixxbct.asset.location=/opt/mtx/conf/assets.

Ensure that MATRIXX Backoffice Customer Tool has been deployed and the user mtx is defined.

About this task

On the pod that hosts MATRIXX Backoffice Customer Tool, you must configure a matrixxbct_users.yaml file.

Procedure

  1. Using a configuration source, provide a matrixxbct_users.yaml file. For more information about configuration using a configuration source, see the discussion about configuration sources in MATRIXX Configuration.
  2. Add each user's name, password and role(s) to the file in the following format. 
    username: "{EncodingAlgorithm}EncodedPassword, role1, role2, roleN, MTX_TNT_TenantID"
    where:
    • username — The client's login ID.
    • EncodingAlgorithm — The encoding algorithm (such as bcrypt).
    • EncodedPassword — An EncodingAlgorithm-encoded password string.
    • role(1, 2, N) — A comma-separated list of MATRIXX Backoffice Customer Tool roles.
    • MTX_TNT_TenantID — A comma-separated list of tenant specifiers where TenantID is the TenantID defined in the tenant profile in My MATRIXX. For a description of how to define tenant access for MATRIXX Backoffice Customer Tool users, see the discussion about how to configure MATRIXX Backoffice Customer Tool security in MATRIXX Security.
    For example: 
    john: '{bcrypt}$2a$10$dXJ3SW6G7P50lGmMkkmwe.20cQQubK3.HZWzG3YB1tlRy.fqvM/BG, MTX_ROLE_CSR, MTX_ROLE_CSR_MGR, MTX_ROLE_ADMIN, MTX_ROLE_SIMULATE'
    MATRIXX Backoffice Customer Tool supports the following roles.
    • MTX_ROLE_CSR — Enables read-only access to MATRIXX Backoffice Customer Tool.
    • MTX_ROLE_CSR_MGR — Enables write access to balances and thresholds in MATRIXX Backoffice Customer Tool.
    • MTX_ROLE_ADMIN — Enables full edit access to MATRIXX Backoffice Customer Tool except for bulk operations.
    • MTX_ROLE_SIMULATE — Enables access to MATRIXX Backoffice Customer Tool usage simulation functionality.
      Note: The MTX_ROLE_SIMULATE role is used to demonstrate functionality and should not be assigned to customers.
    • MTX_ROLE_EVENT — Enables access to viewing subscription, group, and user event data. This role is used in combination with the MTX_ROLE_CSR role.
    • MTX_ROLE_BULK_OPS — Enables access to viewing a bulk operation configuration and adding and deleting a bulk operation task.
    Note: You cannot add additional roles.
  3. Save and close the file.
  4. Rebuild the configuration image and host it in your image repository.
  5. Update your Helm values file with the new tag for the image, if necessary. For more information, see the discussions about configuring MATRIXX web apps and the provided example in MATRIXX Web App Administration.
  6. Restart MATRIXX Backoffice Customer Tool.

What to do next

You can configure the MATRIXX Backoffice Customer Tool roles to add or remove access privileges for each role. For more information, see the discussion about configuring the MATRIXX Backoffice Customer Tool role permissions.