[keycloak-dev] Openshift Identity Provider for KeyCloak
Bartosz Majsak
bartosz at redhat.com
Wed Feb 15 06:38:10 EST 2017
OpenShift should authenticate against Keycloak (or another IdP) at least
for on-prem installations.
This is intended primarily for OSO I believe.
For OpenShift Online I see a use-case for this, but in that case can it not
just use the OIDC provider?
One issue I can already point out is that when using OIDC provider
authorization URL created by an AbstractOAuth2IdentityProvider will result
in bad request from OpenShift OAuth server, as it doesn’t accept
redirect_uri as a valid request parameter. At least when tested against
minishift.
On Wed, Feb 15, 2017 at 12:29 PM, Stian Thorgersen <sthorger at redhat.com>
wrote:
> Not sure to be honest. Strictly speaking it should be the other way
> around. OpenShift should authenticate against Keycloak (or another IdP) at
> least for on-prem installations. For OpenShift Online I see a use-case for
> this, but in that case can it not just use the OIDC provider?
>
> On 15 February 2017 at 02:46, Bartosz Majsak <bartosz at redhat.com> wrote:
>
>> Hi,
>>
>> I've implemented Openshift Identity Provider for KeyCloak [1]. Would you
>> be
>> interested in getting it upstream?
>>
>> Cheers,
>> Bartosz.
>>
>> [1] https://github.com/bartoszmajsak/keycloak-openshift-identity-provider
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>
>
More information about the keycloak-dev
mailing list