# Grant admin and user access
The Solutions Portal uses the Cognite Data Fusion (CDF) access management system to grant access to suites and boards. To set up suites and boards in the Solutions Portal, you need administrator access to your CDF project.
In this article:
# Grant standard user access
Make sure that the user has the following capabilities via any group:
# Grant admin access
To be an admin user, you must be a member of the
If it doesn't already exist, create a CDF group named
dc-system-admin. This is the group name that the Solutions Portal will look for to determine if a user has admin rights.
Grant these capabilities to the group:
Assign your Solutions Portal admin user(s) to the group.
# Allowlist the Solutions Portal domain names
Use the Access management section in Cognite Data Fusion to allowlist the Solution Portal domain(s) to make it work with your CDF project. To access CSP on production add
cogniteapp.com to Allowed application domains list.
# Create a data set for image files (optional)
The Solutions Portal automatically creates a data set to store image files such as board previews and a customer logo when a system admin logs in to the app for the first time.
You can also create the data set manually to restrict the capabilities
files:read to the dc-system-admin group, and use other configuration options for the data set. Make sure that you set the externalId to
# Sign in with Azure Active Directory (AAD)
To use the Solutions Portal with Azure Active Directory (AAD), you need set up AAD to allow users to sign in to CDF and the Solutions Portal. You also need to set up and Azure AD and CDF groups to control access. Follow these instructions:
- Register the Cognite API and applications in AAD (opens new window)
- Set up Azure AD and CDF groups to control access (opens new window).
There are two authentication flows for AAD:
To sign in with the 'legacy' flow, enter the CDF project ID in the Company ID field and select Continue.
To sign in with the OIDC flow, select the Login with Microsoft Azure option and specify the Azure AD tenant ID in the Azure Tenant input field.