13.1.1. Internal Users

OpenIDM creates two internal users by default: anonymous and openidm-admin. These accounts are kept separate from other user accounts to protect them from any reconciliation or synchronization processes.

OpenIDM stores internal users and their role membership in the repository: in the internaluser table when the repository is MySQL, and in the internal_user table when it is OrientDB. You can add or remove internal users over the REST interface (at http://localhost:8080/openidm/repo/internal/user) or directly in the repository.

anonymous

This user provides anonymous access to OpenIDM for users who do not have their own accounts. The anonymous user is primarily intended to allow self-registration.

OpenIDM stores the anonymous user's password, anonymous, in clear text in the repository internal user table. The password is not considered to be secret.

openidm-admin

This user serves as the super administrator. After installation, the openidm-admin user has full access, and provides a fallback mechanism in case other users are locked out. Do not use openidm-admin for normal tasks. Under normal circumstances, no real user is associated with the openidm-admin user account, so audit log records that pertain to openidm-admin do not reflect the actions of any real person.

OpenIDM encrypts the password, openidm-admin, by default. Change the password immediately after installation. For instructions, see To Replace the Default User and Password.
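
A post-installation check for the two points above, as an added example that is not part of the OpenIDM documentation: it tests whether the default openidm-admin password is still accepted on the internal user endpoint and, if so, lists any internal users other than the two defaults. The X-OpenIDM-Username and X-OpenIDM-Password headers, the query-all-ids query, the response shape, and the svc-legacy account in the sample are assumptions not stated in this section.

```python
import json
import urllib.error
import urllib.request

# Endpoint and default account names as given in this section.
INTERNAL_USER_URL = "http://localhost:8080/openidm/repo/internal/user"
DEFAULT_USERS = {"anonymous", "openidm-admin"}
# Constructed sample response (assumed shape), used for the offline demo below.
SAMPLE_RESPONSE = '{"result": [{"_id": "anonymous"}, {"_id": "openidm-admin"}, {"_id": "svc-legacy"}]}'


def http_get(url, username, password):
    """Return (status, body) for a GET that lists internal user ids."""
    # Assumption: header-based login and the query-all-ids query are not
    # described in this section; adjust them to match your deployment.
    req = urllib.request.Request(
        url + "?_queryId=query-all-ids",
        headers={"X-OpenIDM-Username": username, "X-OpenIDM-Password": password},
    )
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, resp.read().decode("utf-8")
    except urllib.error.HTTPError as err:
        return err.code, ""


def audit_internal_users(fetch=http_get, url=INTERNAL_USER_URL):
    """Check the default admin password and list non-default internal users."""
    status, body = fetch(url, "openidm-admin", "openidm-admin")
    if status in (401, 403):
        # Default password rejected; listing users needs the real credentials.
        return {"default_password_active": False, "unexpected_users": None}
    if status != 200:
        raise RuntimeError("unexpected HTTP status %s from %s" % (status, url))
    ids = {entry.get("_id") for entry in json.loads(body).get("result", [])}
    return {
        "default_password_active": True,
        "unexpected_users": sorted(i for i in ids - DEFAULT_USERS if i),
    }


if __name__ == "__main__":
    # Offline demo against the constructed sample instead of a live server.
    print(audit_internal_users(fetch=lambda url, user, password: (200, SAMPLE_RESPONSE)))
```

Calling audit_internal_users() with no arguments queries the local instance at the URL given in this section.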