I’m running Keycloak version 24.0.5. I’ve configured Nextcloud for SAML and Proxmox for OpenID (OAuth). Now my next goal is to configure Portainer for OpenID authentication. That I have done.
At least I already get an error message: Unauthorized
That’s good, so I can see the communication is working now. Here are my entries in Portainer:
Client ID: portainer
Client secret: XXX
Authorization URL: https://ucs-sso-ng.osit.cc/realms/ucs/protocol/openid-connect/auth
Access token URL: https://ucs-sso-ng.osit.cc/realms/ucs/protocol/openid-connect/token
Resource URL: https://ucs-sso-ng.osit.cc/realms/ucs/protocol/openid-connect/userinfo
Redirect URL: https://do-dmz.osit.cc:9443
Logout URL: https://ucs-sso-ng.osit.cc/realms/ucs/protocol/openid-connect/logout
User identifier: username (should be ok, because the same works for Proxmox)
Scopes: I tested a lot of things here: mail, email, name, id, openid, profile
I even see a running session in Keycloak for Portainer, but it won’t let me in. Always “Unauthorized”.
Any idea? That can only be a small thing.
- Client-ID
- Valid redirect URIs
- Web Origins (filled in automatically)
- Client authentication, Authorization are “on”
- Authentication flow: Standard flow, Direct access grants and OAuth 2.0 Device Authorization Grant are also “on”
Many thanks
boospy