Hello everyone,
This time I am really desperate! Can you help me please?
Here I explain the issue and I guess it is an HTTPS problem, since with HTTP I had the same setting, but all was working properly.
When I try to login from this page (Figure 1)
And I insert the credentials, I get this (Figure 2):
KEYCLOAK SIDE (XNAT BUTTON, Figure 1):
KEYCLOAK SIDE (ADMIN):
XNAT SIDE (OPENID CONNECT PLUGIN, Figure 2)
auth.method=openid
type=openid
provider.id=xnat-keycloak-client
visible=true
auto.enabled=false
auto.verified=false
name=OpenID Authentication Provider
disableUsernamePasswordLogin=false
enabled=xnat-keycloak-client
siteUrl=https://xnaturl.it
preEstablishedRedirUri=/openid-login
openid.xnat-keycloak-client.clientId=xnat-keycloak-client
openid.xnat-keycloak-client.clientSecret=*********************************
openid.xnat-keycloak-client.accessTokenUri=https://keycloakurl.it/auth/realms/redcap-xnat-keycloak/protocol/openid-connect/token
openid.xnat-keycloak-client.userAuthUri=https://keycloakurl.it/auth/realms/redcap-xnat-keycloak/protocol/openid-connect/auth
openid.xnat-keycloak-client.userInfoUri=https://keycloakurl.it/auth/realms/redcap-xnat-keycloak/protocol/openid-connect/userinfo
openid.xnat-keycloak-client.pkceEnabled=false
openid.xnat-keycloak-client.scopes=openid,profile,offline_access,address,email,phone,roles,microprofile-jwt,web-origins
openid.xnat-keycloak-client.link=<p>To sign-in using your Keycloak credentials, please click on the button below.</p><p><a href="/openid-login?providerId=xnat-keycloak-client"><img src="/images/keycloak.png" style="max-width: 200px;" /></a></p>
openid.xnat-keycloak-client.shouldFilterEmailDomains=false
openid.xnat-keycloak-client.forceUserCreate=true
openid.xnat-keycloak-client.userAutoEnabled=false
openid.xnat-keycloak-client.userAutoVerified=false
openid.xnat-keycloak-client.emailProperty=email
openid.xnat-keycloak-client.givenNameProperty=given_name
openid.xnat-keycloak-client.familyNameProperty=family_name
I DO NOT REALLY KNOW WHAT IS WRONG...
Thank you so much in advance.
Cheers,
Matteo