Skip to content

Latest commit

 

History

History
69 lines (44 loc) · 2.39 KB

keycloak.md

File metadata and controls

69 lines (44 loc) · 2.39 KB
Raw
description
This guide shows how to set-up Keycloak identity provider with Aidbox

Keycloak

Create a realm

  • Click on the dropdown in the top-left corner where it says Master, then click on Create Realm\

  • Pul the name of your realm to the Realm name input

Create a client

  • Click the Clients menu item in the left sidebar

  • Then click the Create client button\

  • Enter the client data\

  • Check the Client authentication checkbox\

  • Add <aidbox-url>/auth/callback/keycloak to Valid redirect URIs field.\

Create IdentityProvider in Aidbox

  • Open REST console in AidboxUI and create IdentityProvider resource
POST /IdentityProvider

scopes:
  - profile
  - openid
system: keycloak
authorize_endpoint: <keycloak-url>/realms/<your-realm>/protocol/openid-connect/auth
token_endpoint: <keycloak-url>/realms/<your-realm>/protocol/openid-connect/token
userinfo_endpoint: <keycloak-url>/realms/<your-realm>/protocol/openid-connect/userinfo
userinfo-source: id-token | userinfo-endpoint
client:
  id: <your client id>
  secret: <your client secret>
resourceType: IdentityProvider
title: Keycloak
active: true
id: keycloak

You can find client secret on Clients details page under Credentials tab

Login into Aidbox

Go to your Aidbox base URL, you will be redirected to the login page - you should see "Log in with Keycloak" button. Press this button and log in with Keycloak user into aidbox. This user will be logged into Aidbox Console, but without any permissions. Read more in Access Control Section about permissions.