--- title: "Configuring and Deploying Access Broker" slug: "configuring-access-broker-on-ui" updated: 2026-04-15T06:59:09Z published: 2026-04-29T10:55:15Z canonical: "docs.britive.com/configuring-access-broker-on-ui" --- > ## Documentation Index > Fetch the complete documentation index at: https://docs.britive.com/llms.txt > Use this file to discover all available pages before exploring further. # Configuring and Deploying Access Broker Make sure to go over the [Prerequisites](/v1/docs/brokers#prerequisites) before configuring and installing a broker. ## Configure Access Broker on UI 1. Log in to your Britive tenant. 2. In the **System admin** → **Brokers and Broker Pools → Broker Pools** section: 1. Create a broker pool using the steps mentioned [here](https://docs.britive.com/docs/broker-pools#create-a-broker-pool). This is a mandatory step even if there is a single Access Broker. A broker pool can have a single or multiple accesses. 2. Click on **Actions** on the **Broker Pools** tab and create a broker pool token from the **Broker Pool Token** tab. This is required for the *config.yaml*file to connect the broker to the broker pool. 3. In the **System admin** → **Resource Management** → **Resource Types** section: 1. Create a resource type. For more information, see [Resource Types](/v1/docs/resource-types). 2. Click **Action,** and then go to the **Permissions** section to create a permission. In this use case, the script is saved and executed from the Access Broker machine/server; hence, the check-in and checkout commands fields on the **Permissions** page are empty. 4. In the **Resource Management** → **Profile Management** section: 1. Create a profile and assign it to the user who would have access to check out this profile. 2. Select all the default options for the policy and assign a user/member who can execute this in the **Policies** tab. ## Access Broker Installation and Configuration ### Download and Install Access Broker 1. The Access Broker software package can be downloaded from the Britive UI. For more information, see [Downloading and Installing Broker](/v1/docs/brokers#downloading-and-installing-the-broker). 2. The following folders are created after installing a broker: 1. bootstrap (to keep files such as broker-name-generator.sh. This script is optional) 2. cache 3. config (broker yml config file. The broker gets the configuration, script name, etc. from this file to execute.) 4. scripts (scripts to control and manage checkout and checkin permissions) ### Configure Access Broker #### Broker Name Generator Script It is best practice to dynamically generate the Britive Access Broker name based on something unique to the system on which the broker is running. For lab testing, a static name could be used. In production or at scale deployment, a static name could pose problems. In our example, the broker name is picked up from the output of this script. #### Access Broker YAML Configuration File The *broker-config.yml* template file is provided as part of the installation. Rename and keep that file in the folder. Now, create a new file with the same name, update values for ***subdomain***, ***token*** and ***path*** below, copy and paste into the broker-config.yml. ```plaintext config:   bootstrap:      tenant_subdomain:      authentication_token:      broker_name_generator: broker-name-generator.sh resource_types:   HelloBritive-Resource-Type:     HelloBritive-Permission:       max_supported_version: local       checkout_script: //britive-broker-scripts/checkout_hello_britive_script.sh       checkin_script: //britive-broker-scripts/checkin_hello_britive_script.sh ``` ### Access Broker UI to YAML File Mapping The mapping of fields from UI to YAML config file is key to successfully executing scripts. Configure the UI part first, and then update the broker config file. In the above *broker-config.yaml* file, note the *resource_types* section. The resource type and associated permissions are created using the [Configuring Access Broker using UI](/v1/docs/configuring-access-broker-on-ui#configure-access-broker-on-ui). #### Test Checkout and Checkin Scripts Copy the following test scripts in the folder of your choice and make sure to provide the full path with execution rights. **checkout_hello_britive_script.sh** ```bash #!/bin/bash echo "Hello Britive World. JIT permission checkout completed  successfully" ``` **checkin_hello_britive_script.sh** ```bash #!/bin/bash echo "Hello Britive World. JIT permission checkin completed  successfully" ``` ### Start Access Broker Software ```bash $ java -jar britive-broker-0.1.3.jar > britive-access-broker.log ``` The active broker is displayed on the **Admin** → **Brokers and Broker Pools** → **Brokers** page. ### Checkout and Checkin Testing #### Checkout For more information about how to check out a profile, see [My Access](/v1/docs/profile-mgmt-myaccess). #### Check in Checkin does not show any output on the screen. If you don’t get any error on the UI, then it means it is working fine.