go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2026-05-22 10:15:21 +02:00
Code Issues Releases Activity

Update keycloak provider configuration doc (#347)

Browse Source 
* update keycloak provider configuration doc

* Add changelog entry
This commit is contained in:
sushiMix
2020-01-10 10:41:08 +01:00
committed by Dan Bond
parent 7663565cd3
commit f94dee6f0d
2 changed files with 9 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/2_auth.md
+8 -4
View File
@@ -107,8 +107,9 @@ If you are using GitHub enterprise, make sure you set the following to the appro
### Keycloak Auth Provider
1. Create new client in your Keycloak with **Access Type** 'confidental'.
2. Create a mapper with **Mapper Type** 'Group Membership'.
1. Create new client in your Keycloak with **Access Type** 'confidental' and **Valid Redirect URIs** 'https://internal.yourcompany.com/oauth2/callback'
2. Take note of the Secret in the credential tab of the client
3. Create a mapper with **Mapper Type** 'Group Membership' and **Token Claim Name** 'groups'.
Make sure you set the following to the appropriate url:
@@ -116,8 +117,11 @@ Make sure you set the following to the appropriate url:
-client-id=<client you have created>
-client-secret=<your client's secret>
-login-url="http(s)://<keycloak host>/realms/<your realm>/protocol/openid-connect/auth"
-redeem-url="http(s)://<keycloak host>/realms/master/<your realm>/openid-connect/auth/token"
-validate-url="http(s)://<keycloak host>/realms/master/<your realm>/openid-connect/userinfo"
-redeem-url="http(s)://<keycloak host>/realms/<your realm>/protocol/openid-connect/token"
-validate-url="http(s)://<keycloak host>/realms/<your realm>/protocol/openid-connect/userinfo"
-keycloak-group=<user_group>
The group management in keycloak is using a tree. If you create a group named admin in keycloak you should define the 'keycloak-group' value to /admin.
### GitLab Auth Provider