mirror of
https://github.com/wekan/wekan.git
synced 2025-12-16 15:30:13 +01:00
Updated Keycloak (markdown)
Lauri Ojansivu
parent
334841bf49
commit
7e9b8e134f
1 changed files with 31 additions and 11 deletions
42
Keycloak.md
42
Keycloak.md
|
|
@ -6,17 +6,6 @@ Keycloak settings: [realm-export.zip](https://wekan.github.io/keycloak/realm-exp
|
|||
|
||||
Environment Variables that need to be set in your Wekan environment:
|
||||
|
||||
* OAUTH2_ENABLED = TRUE
|
||||
* OAUTH2_CLIENT_ID = `<Keycloak create Client ID>`
|
||||
* OAUTH2_SERVER_URL = `<Keycloak server name>/auth`
|
||||
* OAUTH2_AUTH_ENDPOINT = `/realms/<keycloak realm>/protocol/openid-connect/auth`
|
||||
* OAUTH2_USERINFO_ENDPOINT = `/realms/<keycloak realm>/protocol/openid-connect/userinfo`
|
||||
* OAUTH2_TOKEN_ENDPOINT = `/realms/<keycloak realm>/protocol/openid-connect/token`
|
||||
* OAUTH2_SECRET = `<keycloak client secret>`
|
||||
* OAUTH2_ID_MAP = `preferred_username`
|
||||
* OAUTH2_USERNAME_MAP = `preferred_username`
|
||||
* OAUTH2_FULLNAME_MAP = `given_name`
|
||||
* OAUTH2_EMAIL_MAP = `email`
|
||||
> When creating a Client in keycloak, ensure the access type is confidential under the settings tab. After clicking save, you will have a Credentials tab. You can retrieve the secret from that location.
|
||||
|
||||
## Snap
|
||||
|
|
@ -34,3 +23,34 @@ sudo snap set wekan oauth2-username-map='preferred_username'
|
|||
sudo snap set wekan oauth2-fullname-map='given_name'
|
||||
sudo snap set wekan oauth2-email-map='email'
|
||||
```
|
||||
### Debugging, if it does not work
|
||||
```
|
||||
sudo snap set wekan debug='true'
|
||||
```
|
||||
Click Oidc button. Then:
|
||||
```
|
||||
sudo snap logs wekan.wekan
|
||||
sudo systemctl status snap.wekan.wekan
|
||||
```
|
||||
|
||||
## Docker
|
||||
|
||||
[docker-compose.yml](https://github.com/wekan/wekan/blob/devel/docker-compose.yml)
|
||||
```
|
||||
- DEBUG=true
|
||||
- OAUTH2_ENABLED=true
|
||||
- OAUTH2_CLIENT_ID=<Keycloak create Client ID>
|
||||
- OAUTH2_SERVER_URL=<Keycloak server name>/auth
|
||||
- OAUTH2_AUTH_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/auth
|
||||
- OAUTH2_USERINFO_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/userinfo
|
||||
- OAUTH2_TOKEN_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/token
|
||||
- OAUTH2_SECRET=<keycloak client secret>
|
||||
- OAUTH2_ID_MAP=preferred_username
|
||||
- OAUTH2_USERNAME_MAP=preferred_username
|
||||
- OAUTH2_FULLNAME_MAP=given_name
|
||||
- OAUTH2_EMAIL_MAP=email
|
||||
```
|
||||
### Debugging, if it does not work
|
||||
```
|
||||
docker logs wekan-app
|
||||
```
|
||||
Loading…
Add table
Add a link
Reference in a new issue