Replies: 3 comments 10 replies
-
Finally, get it working. I am now able to log in through Keycloak SSO from the Directus login page by removing from the config: REFRESH_TOKEN_COOKIE_DOMAIN="localhost:8055"
REFRESH_TOKEN_COOKIE_SECURE="true"
REFRESH_TOKEN_COOKIE_SAME_SITE="None" But as I need seamless SSO, I have to find out what's wrong with these REFRESH_TOKEN_COOKIE configs. |
Beta Was this translation helpful? Give feedback.
10 replies
-
same issue, tried everything but no use |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I am trying to implement SSO authentication through a Keycloak server. Directus (9.17.4) running locally, Keycloak (19) running remotely, the authentication from the Directus admin application does not work as expected.
Here is my Directus config related to SSO:
The Keycloak login button is displayed on http://localhost:8055/admin/login. When I click it and log in on the Keycloak authentication page (using email
tmlb@pm.me
), tracking the Network shows me something as this:And in the Directus logs:
At the end, I end up on the Directus login page as if nothing happened, except the
continue
query param in the URL.From what I understand from the OIDC protocol, Directus should ask the Keycloak server for the token by calling
https://{The Keycloak remote server}/realms/local/protocol/openid-connect/token
but it doesn't appear in the network.Am I missing something ? Thank you 🤙
Beta Was this translation helpful? Give feedback.
All reactions