Configure OAuth for Portainer

Hello all,

I'm running Keycloak version 23.0.7 on Univention Server. I've configured Nextcloud for SAML and Proxmox for OpenID (OAuth). Now my next goal is to configure Portainer for OpenID authentication. That I have done.

At least I already get an error message: Unauthorized

That's good, so I can see the communication is working now. Here are my entries in Portainer:

Client ID: portainer
Client secret: XXX
Authorization URL: https:/ucs-sso-ng.osit.cc/realms/ucs/protocol/openid-connect/auth
Access token URL: https:/ucs-sso-ng.osit.cc/realms/ucs/protocol/openid-connect/token
Resource URL: https:/ucs-sso-ng.osit.cc/realms/ucs/protocol/openid-connect/userinfo
Redirect URL: https:/do-dmz.osit.cc:9443
Logout URL: https:/ucs-sso-ng.osit.cc/realms/ucs/protocol/openid-connect/logout
User identifier: username (should be OK, because the same works for Proxmox)
Scopes: I tested a lot of things here: mail, email, name, id…

(the links have only one "/" because I can't post links, I'm new to the forum)

I even see a running session in Keycloak for Portainer, but it won't let me in. Always "Unauthorized".

Under Keycloak I haven't configured very much:

  • Client ID
  • Valid redirect URIs
  • Web Origins (filled in automatically)
  • Client authentication, Authorization are "on"
  • Authentication flow: Standard flow, Direct access grants and OAuth 2.0 Device Authorization Grant are also "on"

Any idea? It can only be a small thing.

Many thanks
boospy

Hi,

The scopes must at least contain openid; without it, the userinfo endpoint responds with Unauthorized. So you can try:
Scopes: openid,email,profile
(check portainer documentation for correct multivalued syntax)
or:
Scopes: openid
(if you don't need mail addresses, names, etc.)

Regards,
Matthias
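The point in the reply above (no openid scope, so userinfo answers 401) is easy to check offline before touching the Portainer UI again. The following is an added example written for this thread, not code from Portainer or Keycloak. It assumes Portainer separates multiple scopes with spaces (commas are tolerated here as well), that the endpoint URLs are entered with the full https:// prefix the poster could not paste, and that a Keycloak 23 access token carries its granted scopes in a "scope" claim. The sample configuration and the sample tokens are constructed; the token helper does no signature verification and is only for inspecting what Keycloak actually granted.

```python
"""Offline sanity checks for a Portainer -> Keycloak OIDC configuration.

Added example for this forum thread; not Portainer's or Keycloak's own code.
Assumptions: Portainer takes space-separated scopes (commas tolerated here),
and Keycloak access tokens expose the granted scopes in a "scope" claim.
"""
import base64
import json
import re
from typing import Dict, List
from urllib.parse import urlencode

REQUIRED_SCOPE = "openid"

# Constructed from the values in the original post, with the "//" restored.
SAMPLE_CONFIG: Dict[str, str] = {
    "client_id": "portainer",
    "authorization_url": "https://ucs-sso-ng.osit.cc/realms/ucs/protocol/openid-connect/auth",
    "access_token_url": "https://ucs-sso-ng.osit.cc/realms/ucs/protocol/openid-connect/token",
    "resource_url": "https://ucs-sso-ng.osit.cc/realms/ucs/protocol/openid-connect/userinfo",
    "redirect_url": "https://do-dmz.osit.cc:9443",
    "logout_url": "https://ucs-sso-ng.osit.cc/realms/ucs/protocol/openid-connect/logout",
    "scopes": "openid email profile",   # the fix suggested in the reply
}


def parse_scopes(raw: str) -> List[str]:
    """Split a scope string on whitespace and/or commas, dropping empties."""
    return [s for s in re.split(r"[\s,]+", raw.strip()) if s]


def check_config(cfg: Dict[str, str]) -> List[str]:
    """Return human-readable problems; an empty list means the config looks sane."""
    problems: List[str] = []
    if REQUIRED_SCOPE not in parse_scopes(cfg.get("scopes", "")):
        problems.append('scopes must include "openid"; without it the userinfo '
                        "endpoint responds with 401 Unauthorized")
    for key in ("authorization_url", "access_token_url", "resource_url", "logout_url"):
        url = cfg.get(key, "")
        if not url.startswith("https://"):
            problems.append(f"{key} must start with https:// (got {url!r})")
    return problems


def build_authorization_url(cfg: Dict[str, str], state: str) -> str:
    """Build the authorization-code request the browser is sent to.

    Shows that the scope list ends up as one space-separated query parameter;
    if "openid" is missing here, Keycloak issues a plain OAuth token and
    userinfo will reject it.
    """
    params = {
        "client_id": cfg["client_id"],
        "response_type": "code",
        "redirect_uri": cfg["redirect_url"],
        "scope": " ".join(parse_scopes(cfg["scopes"])),
        "state": state,
    }
    return cfg["authorization_url"] + "?" + urlencode(params)


def _b64url_decode(part: str) -> bytes:
    """Base64url decode with the padding JWTs strip off."""
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))


def token_scopes(jwt: str) -> List[str]:
    """Read the "scope" claim out of an access token's payload.

    Diagnostic only: the signature is NOT verified, so never use this to
    make an authorization decision.
    """
    _header, payload, _sig = jwt.split(".")
    claims = json.loads(_b64url_decode(payload))
    return claims.get("scope", "").split()


def userinfo_would_accept(jwt: str) -> bool:
    """True when the token carries openid and userinfo should answer 200."""
    return REQUIRED_SCOPE in token_scopes(jwt)


def make_sample_token(scope: str) -> str:
    """Constructed, unsigned sample token for offline testing only."""
    def enc(obj: dict) -> str:
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    header = enc({"alg": "none", "typ": "JWT"})
    payload = enc({"scope": scope, "preferred_username": "boospy"})  # constructed claims
    return f"{header}.{payload}.unsigned"


if __name__ == "__main__":
    print("problems:", check_config(SAMPLE_CONFIG))
    print(build_authorization_url(SAMPLE_CONFIG, state="demo-state"))
    for scope in ("openid email profile", "email profile"):
        tok = make_sample_token(scope)
        print(f"scope={scope!r:24} userinfo ok: {userinfo_would_accept(tok)}")
```

To check a real token, paste the access token Portainer obtained (visible in Keycloak's session or via the token endpoint) into token_scopes(); if "openid" is absent from the claim, Keycloak granted the scopes Portainer asked for and the fix belongs on the Portainer side.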