keycloak as a login interface for applications without code source for iam service
168 views
Skip to first unread message
Ines El Haj Ahmed
Jun 3, 2024, 12:42:22 PMJun 3
to Keycloak User
Hello,
I want to use Keycloak as the Identity and Access Management (IAM) service for my application. My goal is to have the Keycloak login page appear first, and then, if the user is authorized by Keycloak, they can access the rest of the application.
However, I do not have access to the application's source code. I tried configuring a client in Keycloak and added a user to this client, but it didn't work as expected.
Could someone guide me on how to properly set up Keycloak for this scenario? Specifically, I need to know:
Is it possible to integrate Keycloak without the application's source code? What are the necessary steps to configure Keycloak for this type of integration? Are there any common pitfalls or additional configurations that I might be missing?Thank you for your help!
A. Schulze
Jun 4, 2024, 4:32:21 AMJun 4
to keyclo...@googlegroups.com
'Ines El Haj Ahmed' via Keycloak User:
> I want to use Keycloak as the Identity and Access Management (IAM) service
> for my application. My goal is to have the Keycloak login page appear
> first, and then, if the user is authorized by Keycloak, they can access the
> rest of the application.
https://oauth2-proxy.github.io/oauth2-proxy/ works well for that job
Andreas
Thomas Darimont
Jun 5, 2024, 9:36:36 AMJun 5
to Keycloak User
Hello,
However, if you want to make the target application identity aware you might still need to adapt the target application a bit to extract the identity informationen provided by the proxy.
Some additional options besides the oauth2-proxy mentioned by Andreas
- https://github.com/openresty/ with some lua plugins, e.g: https://github.com/zmartzone/lua-resty-openidc
- https://github.com/OpenIDC/mod_auth_openidc in combination with Apache HTTP server
Cheers,
Thomas
Garth
Jun 5, 2024, 3:34:44 PMJun 5
to keyclo...@googlegroups.com
Also https://github.com/gogatekeeper/gatekeeper which used to be a Keycloak project. We still use this with a lot of customers with good success.
> --
> You received this message because you are subscribed to the Google
> Groups "Keycloak User" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to keycloak-use...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/keycloak-user/78d0d863-a866-4289-bea3-3d3997d85f36n%40googlegroups.com
> <https://groups.google.com/d/msgid/keycloak-user/78d0d863-a866-4289-bea3-3d3997d85f36n%40googlegroups.com?utm_medium=email&utm_source=footer>.
> You received this message because you are subscribed to the Google
> Groups "Keycloak User" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to keycloak-use...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/keycloak-user/78d0d863-a866-4289-bea3-3d3997d85f36n%40googlegroups.com
> <https://groups.google.com/d/msgid/keycloak-user/78d0d863-a866-4289-bea3-3d3997d85f36n%40googlegroups.com?utm_medium=email&utm_source=footer>.
Reply all
Reply to author
Forward
0 new messages