AIDIAL Admin Panel Backend

Admin Panel API for AIDIAL Core. This API exposes REST endpoints to manage dial-core configuration. The system uses a database (H2/PostgreSQL) as persistent storage and includes a scheduled job that produces a JSON file compatible with dial-core config format. This file can be used by aidial-core if listed in the config.files configuration property.

For more information about aidial-core, visit the aidial-core repository or DIAL Documentation.

Table of Contents

• AIDIAL Admin Panel Backend
  • Table of Contents
  • Prerequisites
  • Features
  • REST API
  • Configuration
    • Authentication
    • Keycloak
  • Managing Existing Dial Core Configurations
  • Getting Started
    • Run Application with Gradle
    • Run with Docker
      • Build Docker Image
      • Run Container
    • Run Locally with Docker Compose
  • Security
  • Contributing
  • License

Prerequisites

• Java 17 or higher
• Gradle 7.x or higher
• Docker and Docker Compose (for containerized deployment)

Features

• RESTful API for managing dial-core configurations
• RESTful API for managing dial-core public resources
• RESTful API for managing dial-core publications
• Multiple authentication methods (Basic Auth and JWT)
• Multiple database support for internal storage (Basic Auth and JWT)
• Keycloak/AzureAD integration for identity management
• Configuration file generation and management
• DIAL core config file expot in multiple destinations (File on filesystem/Kubernetes ConfigMap/Kubernetes Secret/Azure Keyvault/Hashicorp/AWS Vault/GCP secrets manager)
• Containerized deployment support
• Health monitoring endpoints
• Metrics query API with InfluxDB integration [https://github.com/epam/ai-dial-analytics-realtime]

REST API

The Admin Panel API exposes REST endpoints under the /api/v1 prefix. Sample REST API requests can be found in AdminPanel.http.

For detailed API documentation, refer to the API Documentation.

Configuration

Complete list of configuration properties can be found here.

Authentication

Security is disabled for default configuration. It's highly not recommended to use default configuration for production environment.

For production environment:

• Set CONFIG_REST_SECURITY_MODE environment variable with either oidc or basic value
• (optional) Set MS_SQL_SERVER_OPS environment variable with encrypt=true; value if application is launched with sql server.

The system supports two authentication methods:

1. Basic Authentication (Default)

   • Configure username and password in application.properties:

     spring.security.user.name=your_username
     spring.security.user.password=your_password

   • Enable with:

     config.rest.security.mode=basic
     com.c4-soft.springaddons.oidc.resourceserver.enabled=false

2. JWT Authentication

   • Configure Identity Provider settings:

     com.c4-soft.springaddons.oidc.resourceserver.enabled=true
     com.c4-soft.springaddons.oidc.ops[0].iss=your_issuer
     com.c4-soft.springaddons.oidc.ops[0].authorities[0].path=your_authorities_path
     com.c4-soft.springaddons.oidc.ops[0].username-claim=your_username_claim
     com.c4-soft.springaddons.oidc.ops[0].jwk-set-uri=your_jwk_set_uri

   • Enable with:

     config.rest.security.mode=oidc
     com.c4-soft.springaddons.oidc.resourceserver.enabled=true

Keycloak

Keycloak can be used as a simple IDP replacement for local test/development. Please refer to the Keycloak setup guide for more information.

Managing Existing Dial Core Configurations

The system creates an empty configuration. To utilize existing Dial Core configurations:

1. Import configuration file in the AIDIAL admin panel using special import endpoint

Getting Started

Run Application with Gradle

Run with H2 database

From the project's root directory:

Execute

python secrets-utils/keys_generator.py

to get values for

• H2_DATASOURCE_PASSWORD,
• H2_DATASOURCE_MASTER_KEY,
• H2_DATASOURCE_ENCRYPTED_FILE_KEY

environment variables.

Set those environment variables and execute

./gradlew bootRun

Run with POSTGRES database

From the project's root directory:

Execute

cd local_env
docker-compose up postgres

to start postgres container.

Set DATASOURCE_VENDOR=POSTGRES environment variable to run application with postgres database.

Execute

./gradlew bootRun

Run with MS_SQL_SERVER database

From the project's root directory:

Execute

cd local_env
docker-compose up sqlserver

to start sqlserver container.

Set DATASOURCE_VENDOR=MS_SQL_SERVER environment variable to run application with sql server database.

Execute

./gradlew bootRun

Run with Docker

Build Docker Image

docker build . -t aidial/ai-dial-admin-backend:latest

Run Container

docker run -p 8080:8080 <image:tag>

Verify the installation:

curl -X GET --location "http://localhost:8080/api/v1/health"

Expected response:

{
  "status": "UP"
}

Run Locally with Docker Compose

Use the predefined setup in docker-compose.yml

docker-compose up

Components diagramm

Security

For information about security practices and reporting security issues, please refer to our Security.md document.

Contributing

We welcome contributions! Please see our Contributing Guide for details.

License

This project is licensed under the Apache License 2.0 - see the LICENSE file for details.