github-starred/komodo
2
0
Fork 0
mirror of https://github.com/moghtech/komodo.git synced 2025-12-05 19:17:36 -06:00
Code Issues 258 Packages Projects Releases 10 Wiki Activity

Add Keycloak instructions to OIDC setup (#517)

Browse Source
This commit is contained in:
Avalancs
2025-05-19 00:49:11 +02:00
committed by GitHub
parent 7a3b2b542d
commit a43e1f3f52
1 changed files with 15 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
docsite/docs/setup/advanced.mdx
View File

@@ -6,7 +6,7 @@ To enable OAuth2 login, you must create a client on the respective OAuth provide
for example [Github](https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/creating-an-oauth-app)
or [Google](https://developers.google.com/identity/protocols/oauth2).
Komodo also supports self hosted Oauth2 providers like [Authentik](https://docs.goauthentik.io/docs/providers/oauth2/) or [Gitea](https://docs.gitea.com/development/oauth2-provider).
Komodo also supports self hosted Oauth2 providers like [Authentik](https://docs.goauthentik.io/docs/providers/oauth2/), [Gitea](https://docs.gitea.com/development/oauth2-provider) and [Keycloak](https://www.keycloak.org).
- Komodo uses the `web application` login flow.
- The redirect uri is:
@@ -14,6 +14,19 @@ Komodo also supports self hosted Oauth2 providers like [Authentik](https://docs.
- `<KOMODO_HOST>/auth/google/callback` for Google.
- `<KOMODO_HOST>/auth/oidc/callback` for OIDC.
### Keycloak
- Create an [OIDC client](https://www.keycloak.org/docs/latest/server_admin/index.html#proc-creating-oidc-client_server_administration_guide) in Keycloak.
- Note down the `Client ID` that you enter (e.g.: "komodo"), you will need it for Komodo configuration
- `Valid Redirect URIs`: use `<KOMODO_HOST>/auth/oidc/callback` and substitute `<KOMODO_HOST>` with your Komodo url.
- Turn `Client authentication` to `On`.
- After you finished creating the client, open it and go to `Credentials` tab and copy the `Client Secret`
- Edit your environment variables for komodo core docker container and set the following:
- `KOMODO_OIDC_ENABLED=true`
- `KOMODO_OIDC_PROVIDER=https://<your Keycloak url>/realms/master` or replace `master` with another realm if you don't want to use the default one
- `KOMODO_OIDC_CLIENT_ID=...` what you specified as `Client ID`
- `KOMODO_OIDC_CLIENT_SECRET=...` that you copied from Keycloak
### Mount a config file
If you prefer to keep sensitive information out of environment variables, you can optionally
@@ -36,4 +49,4 @@ import RemoteCodeFile from "@site/src/components/RemoteCodeFile";
url="https://raw.githubusercontent.com/moghtech/komodo/main/config/core.config.toml"
language="toml"
/>
```
```