...
At this point of time after completing the Keycloak installation tutorial, you should have these ready in Keycloak:
- A separate realm called myrealm in Keycloak
- A sample user created in Keycloakand verified able to login
Tip title Tip If your Joget instance currently does not have a license, it is limited to free first 3 users only, sorted alphabetically.
For ease of testing, you can create a sample user with username of cactus-jim for example.
| Note | ||
|---|---|---|
| ||
In this tutorial, it is presumed that the Keycloak instance will be running and exposed on the same host machine running your Joget instance. In this case, since the default bundled Tomcat server hosting the Joget platform operates on port 8080 by default, do ensure the deployed Keycloak container does not clash with the same host port. For example, you can map Keycloak container to expose on host port 8500 or any other non-clashing port instead. |
...
- In Admin Bar → Settings → Directory Manager Settings → Select Plugin, select SAML Directory Manager to start configuring the plugin.
- Copy both values of Entity ID and ACS URL, and temporarily save these values in a convenient place for later use.
These values are required in order to create a valid client in Keycloak.
Do also ensure User Provisioning Enabled option is checked. This will automatically create user accounts for SSO users that does not exist yet in Joget.
- IDP Certificates need to be copied from the admin console of the keycloak.
Open your KeyCloak admin console->Realm Settings ->Keys Tab -> Click on the Certificate RSA 256 Key.
...
- Next, you'll need the IDP Certificate value from Keycloak in order to finish configuring the SAML Directory Manager plugin.
Log into your Keycloak Admin Console, ensure you are currently in myrealm, then go to Realm Settings → Keys, and copy the RS256 Certificate value.
- Paste the RS256 Certificate value in the IDP Certificate field.
...
- Configure other settings as per your industry requirements.
4. KeyCloak Configuration
...