Testing with IDIRs

We have BC Gov IDIR accounts that developers can use specifically for running tests that require authentication. For example: an end-to-end browser-based simulation that automates a user signing into an application secured by Keycloak; or a programmatic processes that connects to the Keycloak API.

Acquiring Test IDIRs

Testing IDIR's (also known as Positional IDIR's) can be obtained through your Ministry's service desk.

• Natural Resources Ministry: NRS Business Service Desk http://nrsservicedesk.gov.bc.ca/

To request the testing IDIRs take the following steps on that website:

• On the first page, choose 'IT iStore Services' for the type of service you are requesting
• Click on 'iStore Service Requests: Network Access; Email/Outlook Services; IDIR Changes; Computer Needs (Hardware / Software)'
• In the request form:
  • Check the box next to 'Account Services (IDIR Changes; VPN; Cancel Services; GAL/External GAL)'
    and 'Add Services (e.g. VPN/DTS; Positional IDIR; _A Account; etc.)'
    and 'Other (e.g. _A Account. Positional IDIR)'
  • You will need to provide your business area's accounting codes
  • You can then use the text box to enter the requested IDIR usernames.

After a few days, you should receive an IT IStore email with the IDIR. Follow up enquiries can be made by phone: (250) 952-6801 or 1-866-952-6801 (Option 3)

Using Test IDIRs

The CSST team has test IDIR's that were issued in June 2020 (expiring March 31 2021). Their credentials can be found as secrets in the k8vopl-tools Openshift namespace with the secret names following the format csst-test-idir-#-secret, where # represents the idir number.

Usage Notes

When a testing IDIR is used for the first time, the associated password must be changed. You will also need to associate a unique email address. This can be updated later in the Keycloak console.

To use these IDIR's for testing within tools running on OpenShift, the password can be stored in an OpenShift secret so that it is available to the application.