MoinMoin Logo
  • Comments
  • Immutable Page
  • Menu
    • Navigation
    • RecentChanges
    • FindPage
    • Local Site Map
    • Help
    • HelpContents
    • HelpOnMoinWikiSyntax
    • Display
    • Attachments
    • Info
    • Raw Text
    • Print View
    • Edit
    • Load
    • Save
  • Login

Navigation

  • Start
  • Sitemap

Upload page content

You can upload content for the page named below. If you change the page name, you can also upload content for another page. If the page name is empty, we derive the page name from the file name.

File to load page content from
Page name
Comment

Revision 8 as of 2021-07-09 17:47:37
  • keycloak

keycloak

Open Source Identity and Access Management.

  • https://www.keycloak.org/

OIDC

  • https://www.scottbrady91.com/OpenID-Connect/OpenID-Connect-Overview

OpenID Connect (OIDC) provides a simple identity layer on top of the OAuth 2.0 protocol, enabling Single Sign-On (SSO) and API access in one round trip. It brings the missing user authentication story and identity layer to OAuth.

Steps setup realm

   1 cd /tmp
   2 wget https://github.com/keycloak/keycloak/releases/download/14.0.0/keycloak-14.0.0.zip
   3 unzip -t keycloak-14.0.0.zip
   4 unzip keycloak-14.0.0.zip
   5 cd ~/tmp/keycloak-14.0.0/bin
   6 sh standalone.sh 
   7 http://localhost:8080/auth

* http://localhost:8080/auth Administration Console User: admin Password: admin Password confirmation: admin Click on Create

http://localhost:8080/auth/admin/master/console/#/realms/master login with admin:admin http://localhost:8080/auth/admin/master/console/#/create/realm Name: MyRealm Enabled: On Click on Create http://localhost:8080/auth/admin/master/console/#/realms/MyRealm

Go to Users Click on Add user Username: myuser User enabled: ON Save http://localhost:8080/auth/admin/master/console/#/realms/MyRealm/users

Select user myuser, Select credentials tab, Password: mypwd Password confirmation: mypwd, Temporary: off Click on "Set Password"

http://localhost:8080/auth/admin/master/console/#/realms/MyRealm/roles http://localhost:8080/auth/admin/master/console/#/create/role/MyRealm Add role USER to MyRealm Role name: USER Click on Save

http://localhost:8080/auth/admin/master/console/#/realms/MyRealm/users select user myuser select tab Role mappings select user and click on add selected

Signout http://localhost:8080/auth/realms/MyRealm/account/

http://localhost:8080/auth/admin/master/console/#/realms/MyRealm/clients click on create client id: curl_confidential client protocol: openid-connect root url: http://localhost:8080 Click on save

Clients Curl_confidential settings: access-type: confidential Should appear tab Credentials Client authenticator: Client ID and secret Click on "Regenerate Secret" # 3a862f1b-6687-4f7a-8e04-be494fca99e0

Clients Curl_confidential Mappers Add builtin "realm roles", "groups" add selected For each map add "Add to userinfo"

Clients Curl_confidential Scope, select full scope allowed: ON

realm: MyRealm user pwd: myuser mypwd client id: curl_confidential protocol: openid-connect Curl_confidential settings: access-type confidential valid redirect url http://localhost:8080 tab credentials: regenerate secret 3a862f1b-6687-4f7a-8e04-be494fca99e0

  • MoinMoin Powered
  • Python Powered
  • GPL licensed
  • Valid HTML 4.01