Private Mendix Platform Functionalities - System Administrators

Last modified: January 24, 2025

Introduction

In Private Mendix Platform, system administrators primarily manage key settings which must be configured during the initial implementation, and which are rarely modified during normal operation. Settings relevant for systems admins are available in the Settings section of the admin navigation menu.

Accessing the Configuration Settings

As a user with system administrator access rights, you can access the Private Mendix Platform configuration settings by performing the following steps:

  1. Switch to Admin Mode by clicking the profile picture in the top right corner of the screen and selecting Switch to Admin Mode.
  2. In the left navigation menu, open the Settings section.

Settings

The Settings section of the administrator navigation menu contains setting relevant to your day-to-day tasks as a system admin. You can use it to manage your branding, license, Marketplace settings, and version control settings.

Some of the settings that you configure here are initially set by the Private Platform Configuration Wizard. System administrators can also update them at any time after the initial configuration.

Preferences

General configuration settings allow you to manage the basic aspects of your Private Mendix Platform, such as the platform name and branding, toggling certain capabilities on or off, and version support settings. The settings in this section are largely configured when you run the initial configuration wizard, but you can still review and adjust them later during the implementation process.

General

The General tab allows you to configure information about your organization, and optionally also the Certified Mendix Partner that is working with you on implementing Private Mendix Platform. You can also use it to configure your locale settings.

Branding

The settings in this section allow you to configure custom branding for your Private Mendix Platform. You can customize the title of the Platform as shown in the top bar, upload your logo, or change the image on the login page. You can also configure an access banner that users will see before, during, or after the login page of your app, for example, to display any information about privacy or security that you want to communicate to your users.

Support

In this section, you can provide your own help and support instructions for users of your Private Mendix Platform.

Users can then see these instructions on the Logs and Events page for their app.

Export Settings

You can export your Private Mendix Platform settings to a JSON configuration file as backup, or to speed up the implementation of new Private Mendix Platform instances.

Settings can only be imported during the initial configuration of the platform. To ensure data integrity and platform stability, you cannot import them into an instance that is already configured and running.

Notifications

Notification settings allow you to manage the notifications generated by Private Mendix Platform. These settings are necessary to ensure that your system can send out notifications.

General

In the current release of Private Mendix Platform, notifications are shown in the Platform itself. In future versions, you will also be able to enable email and push notifications.

Administrative Tasks

In this tab, you can trigger cleaning the scheduled event queue.

Marketplace

For Private Mendix Platform, the Marketplace is also private and hosted entirely within the platform itself. The settings in this section allow you to configure the administrative settings for publishing and downloading content to and from the private Marketplace.

Content Approvals

In this tab, you can configure whether contents that users publish to the private Marketplace requires administrator approval before publishing. To view all pending, published, and rejected content items, click Go to Marketplace Management.

Content Import

You can populate your private Marketplace with contents by importing a zip file that contains the content packages along with a package.json file. You can upload the file from a Content Delivery Network, or manually from your local machine.

Manually Importing Marketplace Content

To manually upload a content bundle from your own computer, perform the following steps:

  1. Download the Marketplace Bundle with contents available in a zip file. If you do not have access to the bundle, contact your Mendix point of contact.
  2. Click Upload Marketplace Bundle to go to the Import Content > Upload Marketplace Bundle tab.
  3. Follow the steps described in Company Administrators.
Importing Marketplace Content from a CDN

To enable content import from a Content Delivery Network, follow these steps:

  1. Download the Marketplace Bundle with contents available in a zip file. If you do not have access to the bundle, contact your Mendix point of contact.

  2. Unzip the files to an internal location which Private Mendix Platform can access via HTTP or HTTPS. Do not change the directory structure.

  3. If using a self-signed certificate for your internal locations, configure Mendix Operator to trust your private Certificate Authorities. For more information, see Creating a Private Cloud Cluster.

  4. In the Content Import tab, in the Marketplace import bundle URL field, enter the root URL of the package.json file included in the Marketplace download.

    For example, if the package.json can be accessed at the URL https://<your domain>/release/marketplace/Marketplace-1.0/package.json, enter the following URL: https://<your domain>/release/marketplace/Marketplace-1.0/.

  5. Set the Authentication toggle to ON, and then specify the user name and password required to download the bundle.

  6. Click Save to enable content import from this bundle.

  7. Click Go to Marketplace Import to view the available downloads in the Import Content > Import from CDN tab.

Version Support

In this section, you can view or disable the versions of Mendix Studio Pro that your users are allowed to download.

Integrations

In the Integrations section of the administrator menu, you can configure settings related to identity and access, version control, CI/CD, and others.

Identity & Access

In this section, you can configure SSO authentication for your users logging in to Private Mendix Platform. OIDC and SAML are supported as protocols.

IdP Integration (OIDC)

You can configure SSO authentication with the OIDC protocol. For more information, see Runtime Configuration of Your IdP at Your App.

IdP Integration (SAML)

To configure SSO authentication with the SAML protocol, first configure the service provider in the SP Configuration tab, and then create the IdP-specific settings in the IdP Configuration tab.

To debug the configuration, you can view the log files in the Log tab.

OIDC Provider

The settings under this tab control the connection between Studio Pro and the platform. They should not be changed without advanced knowledge of the platform. Stop and restart the Private Platform portal if you are having trouble logging in with Studio Pro.

SCIM Provisioning

System for Cross-Domain Identity Management (SCIM) is a protocol that simplifies user access management for applications. Private Mendix Platform uses the SCIM standard to pre-provision selected users onto your Platform without the users having to manually log in through SSO first.

To enable SCIM provisioning, perform the following steps:

  1. Log in to Private Mendix Platform as an administrator.
  2. In the Authentication section, click the IdP Integration (OIDC) or the IdP Integration (SAML) tab.
  3. Edit your IdP configuration, and then click the Provisioning tab.
  4. In the Just in time provisioning section, map the IdP attributes to the matching Mendix object attributes.
  5. In the Authentication section, click the SCIM Provisioning tab, and then click New.
  6. In the IDP Configuration Page dialogue, enter a name for the connection, and obtain the token for your identity provider by clicking Copy.
  7. Enter the token in the configuration panel of your identity provider and verify that the connection is working.
MxAdmin Settings

By default, the platform has a default system administrator account called MxAdmin. You can disable the account by setting the Disable MxAdmin toggle to Yes.

Preferences

You can configure the following preferences for login sessions in Private Mendix Platform:

  • Inactivity Period for Automatic Account Disabling (Hours) - The number of hours after which an unused account is disabled; if set to 0, accounts are not automatically disabled
  • Maximum Concurrent Sessions Per User Account - The maximum number of concurrent login sessions that users can have; if set to 0, logging in while another session is running (for example, on a different browser or machine) ends the previous session and logs the user off
  • Failed Login Attempts to Lockout - The number of failed login attempts after which the user account is locked for the duration specified below; if set to 0, accounts are not automatically locked out
  • Account Lockout Duration (Minutes) - The number of minutes after which a locked out account is reactivated; if set to 0, locked out accounts must be reactivated by an administrator

By default, all of these options are disabled (that is, set to a 0 value). To enable any of them, enter a number greater than zero into the corresponding field.

Project Management

You can integrate your Private Mendix Platform with Jira by Atlassian to manage your sprints and roadmap. Enabling the integration links your commits from Mendix Studio Pro directly to your user stories in Jira. The integration requires an active Jira license and a user with admin rights.

To enable the connection, click Connect Jira, and then provide the following information:

Version Control

To create applications and collaborate, configure the connection to your version control repository. GitHub, GitLab, Azure DevOps, and Bitbucket are supported as version control systems. For more information, see Configuring the Version Control System for Private Mendix Platform.

Build

Settings in this section allow you to configure your CI/CD capabilities and Build pipeline.

Build Method

Configure CI/CD capabilities for your app. If you enable this option, you must also specify your CI system, configure the necessary settings, and register a Kubernetes cluster. Tekton, Jenkins, AzureDevops and Kubernetes are supported. You can also configure a custom template for your CI/CD capabilities.

Build Steps

By default, the Build pipeline consists of the following steps:

Trigger Pipeline > Prepare Build > Start Build > Save Build Artifact > Complete Build

For Kubernetes CI, you can configure the pipeline to include additional steps after the pipeline is triggered, and before the build is completed. These additional steps can include webhook and REST calls, or manual approval for the build.

Deployment

Settings in this section allow you to configure your Deployment pipeline.

Deployment Method

Private Mendix Platform uses Private Cloud deployment options. For more information, refer to Deploying a Mendix App to a Private Cloud Cluster.

Deployment Steps

By default, the Deploy pipeline consists of the following steps:

Trigger Pipeline > Get Deployment Artifact > Deploy App > Complete Pipeline

You can configure the pipeline to include additional steps after each default step. These additional steps can include webhook and REST calls, or manual approval for the build.

You can also configure the pipeline to take into consideration the type of changes. Selecting the Changes/updates to an app environment check box allows you to bypass the deployment steps and instead simply restart the app in case of changes to the app environment (such as the app constants or the number of replicas).

Security

To help fulfill compliance requirements related to account control, Private Mendix Platform now supports disabling the default MxAdmin account for apps at deployment. This setting effectively removes the ability to access the app using the default system admin account, and is only recommended when combined with default use of an SSO module to avoid lockout.

Advanced

In this section, you can adjust the advanced configuration settings of your Private Mendix Platform.

Capabilities

The settings in this section allow you to configure the basic aspects of your Private Mendix Platform:

  • Enable App Projects? - Recommended. Enables you to create and manage your app projects. Enables app projects and related settings across the portal. Must be enabled for CI/CD capabilities.
  • Enable Marketplace? - Recommended. Enables you to use the Private Platform’s Marketplace capabilities to upload, import and manage Marketplace contents. The Marketplace enabled here is hosted entirely within your Private Mendix Platform.
  • Enable Build and Deploy - Recommended. Enables you to use the Private Platform’s CI/CD capabilities to build and deploy apps. Enables the Build and Deploy pipeline, environments,# metrics, logging, and related settings.
  • Enable Identity & Access Integration? - Optional. Enable users to log in using SSO by configuring your IdP integration.
  • Allow sign up? - Optional. Enable users to log in with a local user account, instead of or in addition to SSO.
  • Enable Webhooks? - Optional. Webhooks allow to send information between platform and external systems, and can be triggered by events around Apps, Users, Groups, Marketplace and CI/CD.
  • Enable License Management? - Recommended. Upload your license bundle to automatically provision app licenses through Private Cloud License Manager. For more information, see Private Cloud License Manager.

Operational

In this section, you can access the list of scheduled events and the Mx Model Reflection tool.

Scheduled Event

This tab shows a list of all the scheduled tasks and actions in the system, together with start time, end time, and status.

Mx Model Reflection

For more information about this platform-supported module, refer to Mx Model Reflection.