Integrating IM with Keycloak as OIDC IdP
Complete the following steps to integrate Identity Management (IM) with Keycloak as an OIDC IdP:
- Get the Keycloak URL to log in to the Keycloak admin console.
  - Log in to the OpenShift console.
  - Go to Networking > Routes.
  - Set the project to All Projects.
  - Find the keycloak route and copy the URL in the Location section.
- Log in to the Keycloak admin console. You can retrieve the admin username and password from the cs-keycloak-initial-admin secret.
- If the users are not created, go to Users > Add user to create a user. Set the required information and click Create. You can update the user details and credentials in the Details and Credentials sections.
- If you need to create a group and add the users, complete the following steps:
  - Go to Groups > Create group to create a user group.
  - Enter the name of the group and click Create.
  - Select the group name and click the Add member option in the Members section to add the users to the group.
- Go to Clients > Create client to create an OIDC client. Add the Client ID and set the required information in General settings, Capability config, and Login settings.
- Click Save to create the OIDC client with the secret.
- Go to Client scopes > Create client scope to create the client scope with the required information for the OIDC client.
- Select the Client scope and configure the Mapper details.
- Go to Clients > Clients scopes and add the client scope to the OIDC client.
- Go to Realm settings and copy the URI for the realm.
- Log in to the CPD console and add a new OIDC IdP connection. Paste the URI for the realm in the Well-known URI section.
- Onboard the Keycloak user group to CPD. For more information, see Configuring single sign-on using OpenID Connect (OIDC).
- Log in to the Keycloak console as an OIDC user.
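
Before the realm URI is pasted into the Well-known URI section, the discovery document it serves can be checked for consistency: HTTPS everywhere, the required OIDC metadata present, and an issuer that matches the URI. The following is an added example, not part of the original procedure or of Keycloak or CPD; the host keycloak.example.com, the realm demo, both sample documents and the helper name check_discovery are constructed for illustration.

```python
from urllib.parse import urlsplit

SUFFIX = "/.well-known/openid-configuration"
# Metadata that OpenID Connect Discovery 1.0 marks as REQUIRED.
REQUIRED = ("issuer", "authorization_endpoint", "token_endpoint", "jwks_uri",
            "response_types_supported", "subject_types_supported",
            "id_token_signing_alg_values_supported")
ENDPOINTS = ("authorization_endpoint", "token_endpoint", "jwks_uri",
             "userinfo_endpoint")

def check_discovery(well_known_uri, doc):
    """Return a list of problems; an empty list means no issue was found."""
    problems = []
    if urlsplit(well_known_uri).scheme != "https":
        problems.append("well-known URI is not https")
    expected_issuer = None
    if well_known_uri.endswith(SUFFIX):
        expected_issuer = well_known_uri[:-len(SUFFIX)]
    else:
        problems.append("well-known URI does not end with " + SUFFIX)
    for key in REQUIRED:
        if key not in doc:
            problems.append("missing required field: " + key)
    # The issuer must equal the well-known URI minus the suffix; a mismatch
    # usually means the IdP advertises an internal hostname behind the route.
    if "issuer" in doc and doc["issuer"] != expected_issuer:
        problems.append("issuer %r does not match the well-known URI" % doc["issuer"])
    for key in ENDPOINTS:
        url = doc.get(key)
        if url and urlsplit(url).scheme != "https":
            problems.append(key + " is not https: " + url)
    return problems

# Constructed sample input (not taken from a real deployment).
WELL_KNOWN_URI = "https://keycloak.example.com/realms/demo" + SUFFIX
BASE = "https://keycloak.example.com/realms/demo"
GOOD_DOC = {
    "issuer": BASE,
    "authorization_endpoint": BASE + "/protocol/openid-connect/auth",
    "token_endpoint": BASE + "/protocol/openid-connect/token",
    "jwks_uri": BASE + "/protocol/openid-connect/certs",
    "response_types_supported": ["code"],
    "subject_types_supported": ["public"],
    "id_token_signing_alg_values_supported": ["RS256"],
}
# Same document, but advertising an internal HTTP address.
INTERNAL = "http://keycloak.internal:8080/realms/demo"
BAD_DOC = dict(GOOD_DOC, issuer=INTERNAL,
               token_endpoint=INTERNAL + "/protocol/openid-connect/token")

if __name__ == "__main__":
    for name, doc in (("good", GOOD_DOC), ("bad", BAD_DOC)):
        print(name, check_discovery(WELL_KNOWN_URI, doc) or "OK")
```

To check a live realm, load the JSON returned by the copied URI into a dict and pass it as `doc` together with that URI.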