Nextcloud SAML client works in v15 but not Keycloak.X

I have followed two excellent guides to set up a client for Nextcloud authentication:
https://rmm.li/wiki/doku.php?id=linux_server_manuals:nextcloud_saml_authentication_against_keycloak

When I create a client with the WildFly-based Docker image, the integration works just fine. However, Keycloak.X does not. Upon browsing to my Nextcloud host, the page redirects to https://login.nunimbus.com/auth/realms/realmid/protocol/saml?SAMLRequest=[...] and shows the error, “We are sorry… Page not found.” I have tried creating the realm and client from scratch as well as exporting/importing the realm from the WildFly image to Keycloak.X - nothing I have tried has worked.

Here is how I am starting my WildFly Keycloak container (I am running behind a reverse proxy):

docker run -ti -p 8080:8080 \
  -e KEYCLOAK_USER=keycloak \
  -e KEYCLOAK_PASSWORD=<password> \
  -e PROXY_ADDRESS_FORWARDING=true \
  -e KEYCLOAK_FRONTEND_URL=https://login.domain.com/auth \
  jboss/keycloak:latest

For the Keycloak.X image:

docker run \
  -e KEYCLOAK_ADMIN=keycloak \
  -e KEYCLOAK_ADMIN_PASSWORD=<password> \
  -p 8080:8080 \
  -ti quay.io/keycloak/keycloak-x \
  --http-enabled=true \
  --proxy=passthrough

I am happy to provide an export of my realm, but it exceeds the limit for forum posts. I can put it up on GitHub somewhere.

Any thoughts?

Ah - I figured it out. In Keycloak.X, auth is not part of the URI’s route. For example:
https://kc.domain.com/auth/realms/realmid

should become:
https://kc.domain.com/realms/realmid

I changed these in the Nextcloud settings, and everything works just fine. I hope this will help others who may have the same problem!

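A check for the path difference described in this thread, as an added example that is not part of the original posts: it probes Keycloak's SAML descriptor endpoint with and without the `/auth` prefix and rewrites the IdP URLs held on the Nextcloud side to match. The setting names in `SAMPLE` and the helper names are hypothetical; the host and realm are the placeholders used above.

```python
import urllib.error
import urllib.request
from urllib.parse import urlsplit, urlunsplit

# Keycloak publishes the realm's SAML IdP metadata at this path.
DESCRIPTOR = "/realms/{realm}/protocol/saml/descriptor"

# Constructed sample: IdP URLs as configured for the WildFly image.
# The key names are hypothetical, not Nextcloud's own setting names.
SAMPLE = {
    "idp_entity_id": "https://kc.domain.com/auth/realms/realmid",
    "idp_sso_url": "https://kc.domain.com/auth/realms/realmid/protocol/saml",
    "idp_slo_url": "https://kc.domain.com/auth/realms/realmid/protocol/saml",
}

def http_status(url, timeout=5):
    """Return the HTTP status for url, or 0 if the host is unreachable."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:  # 404 etc. still carry a status
        return err.code
    except (urllib.error.URLError, OSError):
        return 0

def detect_context_path(origin, realm, probe=http_status):
    """Return "" or "/auth", whichever serves the descriptor; None if neither."""
    for prefix in ("", "/auth"):
        url = origin.rstrip("/") + prefix + DESCRIPTOR.format(realm=realm)
        if probe(url) == 200:
            return prefix
    return None

def rebase(url, prefix):
    """Rewrite a realm URL so its path starts with prefix + "/realms/"."""
    parts = urlsplit(url)
    idx = parts.path.find("/realms/")
    if idx < 0:
        return url  # not a realm URL: leave untouched
    return urlunsplit(parts._replace(path=prefix + parts.path[idx:]))

def fix_settings(settings, origin, realm, probe=http_status):
    """Return settings with every realm URL moved to the path the IdP serves."""
    prefix = detect_context_path(origin, realm, probe)
    if prefix is None:
        raise RuntimeError("SAML descriptor not found under / or /auth")
    return {key: rebase(value, prefix) for key, value in settings.items()}
```

Calling `fix_settings(SAMPLE, "https://kc.domain.com", "realmid")` against a live server uses real HTTP requests; pass a different `probe` to test offline.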