Hi everyone,
Does anyone have an example of how to authenticate using Keycloak?

Hey Luis. I did it successfully yes.

You have to create a Keycloak OIDC Client. You enable Client authentication (confidential client) and standard flow. You fill in Valid redirect URIs with https://[your-corteza]/auth/external/openid-connect.[your-corteza-client-handle]/callback. You fill web origins with https://[your-corteza]. You save and go to tab “credentials”. There you copy the client secret to clipboard.

In Corteza (2024.9) you go to Admin > Auth settings. There is a section called External Authentication Providers where you click on Add an OIDC provider. In the popup:

• Handle: Doesnt matter as long as it is the same name you use in Keycloak in your valid redirect URI.

• OIDC Issuer URL: https://[your-keycloak]/realms/[your-realm]

• Client key: Whatever you called you Client in Keycloak

• Secret: The Client secret you copied to your clipboard

• Scope: “openid email profile”

Click on ok and I think that should be it. I run Corteza in Docker and it might be that I had to restart the Container but not sure.

@Swordfish would you mind if this gets included in the documentation? If all is good, could you please provide some screenshots to describe this?

Hey

Yeah sure you can do that.

Regarding the screenshot… I followed another approach in my project (Corteza Impersination Token) to integrate Corteza with my other stuff, so unfortunately I deleted the approach I described above

But it should be easy to reproduce as long as you have a little experience with both tools I guess.

Maybe you can try to do so and if you get stuck, just ping me.

Edit: Ok nevermind, I just set it up again. I have the screenshots but this Forum wont let me upload more than one media file per post and zip is not possible either. How can I provide you the screenshots @tjerman ?

@Swordfish , thanks for the reply. I’m also interested in the screenshots.

Ok I think it works now. So here are the screenshots.

First we create the Keycloak Client:

Create_keycloak_client_11681×466 22.5 KB

Create_keycloak_client_21307×558 37.7 KB

Create_keycloak_client_32145×925 158 KB

Then we copy the CLient secret to the clipboard:

get_client_secret_of_keycloak_client1421×678 29.6 KB

Then we create the Corteza Provider:

Click on “Add an OIDC Provider” Button:

create_corteza_provider_12092×1010 140 KB

Fill the form:

create_corteza_provider_21027×1205 102 KB

Click on submit to save the new provider:

create_corteza_provider_32155×1208 259 KB

Restart Corteza Container. Now your Corteza Login should have a new button:

login_with_keycloak_11467×847 37.5 KB

And this should lead you to the Keycloak Login:

login_with_keycloak_21127×627 35 KB

I you have any questions/issues, just let me know

Amazing thanks a lot🙏