Hi,

According to the OpenShift doc (https://docs.openshift.com/enterprise/3.0/admin_guide/configuring_authentication.html#OpenID) and this blog article (http://blog.keycloak.org/2015/06/openshift-ui-console-authentication.html), we can integrate Keycloak as an IdentityProvider with OpenShift.

So, I have configured the master-config.yaml to use Keycloak 1.9.4.Final as Identity Provider. See hereafter the config:

    oauthConfig:
      alwaysShowProviderSelection: false
      assetPublicURL: https://192.168.99.100:8443/console/
      grantConfig:
        method: auto
      identityProviders:
      - challenge: true
        login: true
        name: keycloak
        provider:
          apiVersion: v1
          kind: OpenIDIdentityProvider
          ca: keycloak-ca.cert
          clientID: openshift
          clientSecret: fbde8b27-3342-4494-b3a3-7db645e9dfe5
          claims:
            id:
            - sub
            preferredUsername:
            - preferred_username
            name:
            - name
            email:
          urls:
            authorize: https://192.168.1.80:8443/auth/realms/openshift/tokens/login
            token: https://192.168.1.80:8443/auth/realms/openshift/tokens/access/codes

But when I try to log on to the OpenShift console, I'm redirected to the Keycloak server, which returns this 404 error -->

    GET https://192.168.1.80:8443/auth/realms/openshift/tokens/login?client_id=open…YlMjUyRjE5Mi4xNjguOTkuMTAwJTI1M0E4NDQzJTI1MkZjb25zb2xlJTI1MkZvYXV0aA%3D%3D 404 (Not Found)

According to this thread (http://stackoverflow.com/questions/28658735/what-are-keycloaks-oauth2-openid-connect-endpoints), the urls to be used are these

FYI, I can get a token -->

    curl -k -s -X POST https://192.168.1.80:8443/auth/realms/openshift/protocol/openid-connect/token \
      -H "Content-Type: application/x-www-form-urlencoded" \
      -d 'username=test-user' -d 'password=password' -d 'grant_type=password' \
      -d 'client_id=openshift' -d 'client_secret=fbde8b27-3342-4494-b3a3-7db645e9dfe5' | jq -r '.access_token'
    eyJhbGciOiJSUzI1NiJ9.eyJqdGkiOiI1ODExNGExZi1mMTQwLTQwYTctODAwOS1hNGU2

Can you confirm that the correct urls to be used are ?

Regards,

Charles
_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
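
Added example, not part of the original message and not OpenShift or Keycloak code: one way to check the `urls` block of an OpenIDIdentityProvider against the endpoints the IdP itself advertises in its OpenID Connect discovery document, fetched with the configured CA instead of `curl -k`. The function names and the sample discovery response are constructed for illustration; that the realm serves `/.well-known/openid-configuration` is an assumption about the deployed Keycloak version.

```python
import json
import ssl
import urllib.request

# Maps OpenShift OpenIDIdentityProvider `urls` keys to OIDC discovery fields.
URL_KEYS = {"authorize": "authorization_endpoint",
            "token": "token_endpoint",
            "userInfo": "userinfo_endpoint"}


def fetch_discovery(issuer, ca_file):
    """Fetch <issuer>/.well-known/openid-configuration, verifying TLS against ca_file."""
    ctx = ssl.create_default_context(cafile=ca_file)  # trust only the given CA, no -k
    url = issuer.rstrip("/") + "/.well-known/openid-configuration"
    with urllib.request.urlopen(url, context=ctx, timeout=10) as resp:
        return json.load(resp)


def check_urls(configured, discovery):
    """Return one finding per configured URL that the IdP does not advertise."""
    findings = []
    for key, url in configured.items():
        field = URL_KEYS.get(key)
        if field is None:
            findings.append(f"{key}: not a known urls key")
            continue
        advertised = discovery.get(field)
        if advertised is None:
            findings.append(f"{key}: IdP does not advertise {field}")
        elif url.rstrip("/") != advertised.rstrip("/"):
            findings.append(f"{key}: configured {url} but IdP advertises {advertised}")
    return findings


# URLs from the master-config.yaml in the message above.
CONFIGURED = {
    "authorize": "https://192.168.1.80:8443/auth/realms/openshift/tokens/login",
    "token": "https://192.168.1.80:8443/auth/realms/openshift/tokens/access/codes",
}
# Constructed sample of a discovery response (not captured from a real server).
REALM = "https://192.168.1.80:8443/auth/realms/openshift"
SAMPLE_DISCOVERY = {
    "issuer": REALM,
    "authorization_endpoint": REALM + "/protocol/openid-connect/auth",
    "token_endpoint": REALM + "/protocol/openid-connect/token",
}

if __name__ == "__main__":
    for finding in check_urls(CONFIGURED, SAMPLE_DISCOVERY):
        print(finding)
```

Against a live server, replace SAMPLE_DISCOVERY with the result of fetch_discovery(REALM, "keycloak-ca.cert").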