In this tutorial, SAML will be used in Keycloak to enable Single Sign-On (SSO) capability with Joget.

The SAML Directory Manager Plugin is available in the Joget Marketplace.
The plugin's source code is also available on the JogetOSS GitHub. Projects under JogetOSS are community-driven and community-supported, and you are welcome to contribute to them.

Note

This tutorial serves only as a general guide, using the minimum required configuration on Keycloak to enable SSO with Joget via the SAML protocol.

To use Keycloak in a production environment, please see Configuring Keycloak for production or other relevant Keycloak guides.

...

Important Note

This tutorial presumes that the Keycloak instance is running and exposed on the same host machine as your Joget instance.

Because the bundled Tomcat server hosting the Joget platform listens on port 8080 by default, ensure that the deployed Keycloak container does not use the same host port.

For example, you can map the Keycloak container to host port 8500, or to any other port that does not clash.

2. Plugin Installation

...

  1. Download the SAML Directory Manager Plugin from the Joget Marketplace, and upload the plugin .jar file into your Joget instance.

  2. Then, in Settings → General Settings → API IP Whitelist, whitelist the external IP addresses. For now, you can allow all public users (use the * symbol to indicate "allow all").
    This allows end-user browsers to communicate with the SAML plugin.

...

3. Plugin Configuration

Once you have installed the plugin, you can configure the directory manager to use SAML authentication.

Open Settings → Directory Manager Settings → Select Plugin → Choose SAML Directory Manager.

The SAML Directory Configuration settings screen will open. Copy the SAML API URL from this screen; it is required to create a valid client in Keycloak.

...