.andrealai
.andrealai16mo ago

Integration with KEYCLOACK

Hello everyone, has anyone ever integrated WindMill with KeyCloak? Could you give me a hand to understand where I am going wrong? Specifically, I have created a new client with a secret ID in KeyCloak, and in WindMill, I have created the OAuth file as indicated in the guide. In theory, I should be able to log in to WindMill with the credentials created in KeyCloak, but I'm having trouble. Any ideas? Thank you.
7 Replies
rubenf
rubenf16mo ago
can you check in your server logs if the oauth file is well mounted, and write more details about your trouble
.andrealai
.andrealaiOP16mo ago
Hi rubens thank you for your help. I have checked the log, and the OAuth files seem to be correctly loaded. I am attaching a screenshot. Thank you!
No description
rubenf
rubenf16mo ago
do not use keycloak_omniecare but just keycloak
.andrealai
.andrealaiOP16mo ago
I changed as suggested by you, but the result is the same. I'm starting to doubt that it's the version of WindMill. We are still on version 86. Is that plausible?
rubenf
rubenf16mo ago
Possibly, won't hurt to update in any case At the very least we improved the debugging logs for oauth The documentation is slightly confusing, the documentation there is for making keycloak a resource
"keycloak_<realm>": {
"id": "...",
"secret": "...",
"login_config": {
"auth_url": "https://.../realms/<realm>/protocol/openid-connect/auth",
"token_url": "https://.../realms/<realm>/protocol/openid-connect/token",
"userinfo_url": "https://.../realms/<realm>/protocol/openid-connect/userinfo",
"scopes": ["openid", "offline_access"]
}
}
"keycloak_<realm>": {
"id": "...",
"secret": "...",
"login_config": {
"auth_url": "https://.../realms/<realm>/protocol/openid-connect/auth",
"token_url": "https://.../realms/<realm>/protocol/openid-connect/token",
"userinfo_url": "https://.../realms/<realm>/protocol/openid-connect/userinfo",
"scopes": ["openid", "offline_access"]
}
}
should work if it works, I will edit the docs
.andrealai
.andrealaiOP16mo ago
I'll try immediately and I'll let you know. We solved it by upgrading to version 134 and applying the configuration you proposed. The documentation should be updated to change the tag 'connect_config' to 'login_config' and add the line for 'userinfo_url.' Thank you so much for the help, you have been extremely useful. In case you need it, we have an example of a docker compose. Goodbye.
rubenf
rubenf16mo ago
we've updated the docs