KeyCloak

KeyCloak as Identity Provider

To use KeyCloak as an Auth Provider, you must install and maintain an own installation of KeyCloak. A docker installation is fast achieved.

https://www.keycloak.org/getting-started/getting-started-docker

In KeyCloak you have to set up first a "Realm". This is a tenant within KeyCloak. Select (or create) your Realm with the top left corner menu.

In your Realm, you can then create and configure a Client. We show here the most minimal configuration to enable Sign in and Sign up with KeyCloak for OpenFlower.

Setup a KeyCloak Client

Choose a name and id for your Client.

Make sure the "Standard Flow" is activated, as also "Client authentication" and "Authorization". Only when checked these options, KeyCloak will issue the needed Client-Secret.

Configure the OpenFlower redirect URLs.

For the cloud, the "Valid redirect URI" is https://prod-us1.openflower.org

After the setup, you can now look for the generated Client-Secret.

copy the Client Secret for the setup of KeyCloak as Auth Provioder in OpenFlower

Check the Settings to make sure the right capabilities are activated...

KeyCloak as OpenFlower Auth Provider

in OpenFlower, go to Settings > OAuth Provider and select "KeyCloak" in the "Add OAuth Provider Dialogue"

Now you can enter all settings for KeyCloak

Instance ID is the Base URL of your KeyCloak Installation

You can also change settings later.

The minimal scope to setup is "offline_access openid".

Thats it! Now you can use KeyCloak to offer your Users to Sign in and Sign up with KeyCloak.

PreviousOAuthNextGoogle

Last updated