[BUG] Sharing Keycloak setup, not exactly a bug but certainly felt like one #1554
Closed
5 tasks done
Labels
🐛 Bug
[ISSUE] Ticket describing something that isn't working
Environment
Self-Hosted (Docker)
System
Docker 25
Version
3.0
Describe the problem
It wasn't very smooth for me to get Dashy 3.0 and KC 24.0.3 working together, but I kinda got there, so sharing my settings that may help others. Also there's a bit bug like behavior, not sure which side it originate from, or just need a documentation update
Most of Dashy doc are good, here are some crucial details
In TC clients,
"Client authentication" must be switched off, otherwise it gets into a redirect loop, or at least that's how it looks like to me.
In TC clients -> Advanced -> OpenID Connect Compatibility Modes,
"Exclude Issuer From Authentication Response " must be switched on. Otherwise it redirects to "https://dashy.my.domain/#iss=https://keycloak.my.domain/realms/my-realm"
You can still login to dashy, but refresh, logout will generate in TC error="invalid_redirect_uri"
In TC clients -> Access settings, if you are using multiple dashy pages, you need
Otherwise other pages will generate in TC error="invalid_redirect_uri"
With above steps, I got KC working ok, but show/hide based on group/role still doesn't work, raised here #1550
Additional info
No response
Please tick the boxes
The text was updated successfully, but these errors were encountered: