Hi everyone,
Does anyone have an example of how to authenticate using Keycloak?
Hey Luis. I did it successfully yes.
You have to create a Keycloak OIDC Client. You enable Client authentication (confidential client) and standard flow. You fill in Valid redirect URIs with https://[your-corteza]/auth/external/openid-connect.[your-corteza-client-handle]/callback. You fill web origins with https://[your-corteza]. You save and go to tab “credentials”. There you copy the client secret to clipboard.
In Corteza (2024.9) you go to Admin > Auth settings. There is a section called External Authentication Providers where you click on Add an OIDC provider. In the popup:
- Handle: Doesn't matter as long as it is the same name you use in Keycloak in your valid redirect URI.
- OIDC Issuer URL: https://[your-keycloak]/realms/[your-realm]
- Client key: Whatever you called your Client in Keycloak
- Secret: The Client secret you copied to your clipboard
- Scope: “openid email profile”
Click on ok and I think that should be it. I run Corteza in Docker and it might be that I had to restart the Container but not sure.
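A check for the Keycloak side of the setup described in the post above, added here as an example and not part of the original post or of Corteza or Keycloak: it reads a client export (Keycloak's client JSON representation) and compares it with the values the post lists. The sample export, the host `corteza.example.test` and the handle `keycloak` are constructed, and the wildcard and implicit-flow checks are extra hardening assumptions beyond what the post states.

```python
import json
from urllib.parse import urlsplit

# Constructed sample of a Keycloak client export (not taken from the thread).
SAMPLE_CLIENT = json.loads("""
{
  "clientId": "corteza",
  "protocol": "openid-connect",
  "publicClient": false,
  "standardFlowEnabled": true,
  "implicitFlowEnabled": false,
  "redirectUris": ["https://corteza.example.test/auth/external/openid-connect.keycloak/callback"],
  "webOrigins": ["https://corteza.example.test"]
}
""")


def expected_callback(corteza_base, handle):
    """Callback URL in the form given in the post: base + provider handle."""
    return f"{corteza_base.rstrip('/')}/auth/external/openid-connect.{handle}/callback"


def check_client(client, corteza_base, handle):
    """Return a list of findings; an empty list means the export matches the post."""
    findings = []
    callback = expected_callback(corteza_base, handle)
    origin = "{0.scheme}://{0.netloc}".format(urlsplit(corteza_base))
    if client.get("publicClient", True):
        findings.append("client authentication is off (public client)")
    if not client.get("standardFlowEnabled", False):
        findings.append("standard flow is disabled")
    if client.get("implicitFlowEnabled", False):  # extra check, not from the post
        findings.append("implicit flow is enabled but not needed")
    uris = client.get("redirectUris", [])
    if callback not in uris:  # the handle in the URI must equal the Corteza handle
        findings.append(f"missing redirect URI {callback}")
    for uri in uris:  # extra check: wildcard or non-HTTPS entries widen the allowlist
        if "*" in uri or not uri.startswith("https://"):
            findings.append(f"loose redirect URI: {uri}")
    if origin not in client.get("webOrigins", []):
        findings.append(f"missing web origin {origin}")
    return findings


if __name__ == "__main__":
    for line in check_client(SAMPLE_CLIENT, "https://corteza.example.test", "keycloak") or ["ok"]:
        print(line)
```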
@Swordfish would you mind if this gets included in the documentation? If all is good, could you please provide some screenshots to describe this?
Hey
Yeah sure you can do that.
Regarding the screenshot… I followed another approach in my project (Corteza Impersonation Token) to integrate Corteza with my other stuff, so unfortunately I deleted the approach I described above.
But it should be easy to reproduce as long as you have a little experience with both tools I guess.
Maybe you can try to do so and if you get stuck, just ping me.
Edit: Ok never mind, I just set it up again. I have the screenshots but this Forum won't let me upload more than one media file per post and zip is not possible either. How can I provide you the screenshots @tjerman?
Ok I think it works now. So here are the screenshots.
First we create the Keycloak Client:
Then we copy the Client secret to the clipboard:
Then we create the Corteza Provider:
Click on “Add an OIDC Provider” Button:
Fill the form:
Click on submit to save the new provider:
Restart Corteza Container. Now your Corteza Login should have a new button:
And this should lead you to the Keycloak Login:
If you have any questions/issues, just let me know.
Amazing thanks a lot🙏