Announcement

Collapse
No announcement yet.

Keycloak SSO

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Keycloak SSO

    Has anyone successfully set up SSO with Keycloak. I managed to get KC to display a login screen and create a session, but the Espo page seems to be raising an error.
    has anyone got some detail about which URL exactly I shoudl be setting up between Espo and the Keycloak client settings?
    Thanks
    M
    Tags: None
  • #2
    Would be helpful if you provided more details about the error. From Espo log file, from the browser console, a screenshot.

    Comment

    • #3
      [2023-10-07 16:34:27] ERROR: OIDC: Bad token request.; Status: 400; Response: {"error":"invalid_client","error_description":" Par ameter client_assertion_type is missing"}
      [2023-10-07 16:34:27] ERROR: (0) GET /App/user; line: 249, file: [root_folder]\application\Espo \Core\Authentication\Oidc\Login.php​

      Comment

      • #4
        See https://github.com/espocrm/espocrm/issues/2786 and https://docs.espocrm.com/administration/oidc/ in the Details list (see client_secret_jwt and private_key_jwt methods are not supported​).

        Comment

        • #5
          Thanks Yuri.
          I'm still getting my head around Connect ID. I will document the settings that I end up with for others to use.
          Thanks again
          • Likes 1

          Comment

          • #6
            Originally posted by murray99 View Post
            I will document the settings that I end up with for others to use.
            Hi murray99,

            did you succeed with the SSO? I just started the project but w/o success. I see the logon screen but afterwards the login failed. In KC there's no error but in Espo there's a "invalid credentials". Do they need to match in KC and Espo?

            Comment

            Previous template Next
            Working...
            X