using Keycloak (v25) to login on mattermost Team Edition (remove openid scope ?)

65 views
Skip to first unread message

Yannick Beluche

unread,
Jul 20, 2024, 9:38:22 AMJul 20
to Keycloak User
Hello,

I've been using Keycloak v19 in a docker env. to remplace Gitlab connection to a mattermost server (Free - Team Edition) and I worked well.

I tried to update to Keycloak 25 but since v20 (apparently) the openid scope is now mandatory and the the client app does not request it, the request is denied by Keycloak.

Here is the thing :  I can put the openid scope in mattermost config, because OIDC is reserved for paid version of mattermost.

With the v19 version I was able to omit the scope in the settings (scopes: ""') and it was working well. but now keycloak 25 refuses the connection if openid scope is missing. 

Is there a way to make it optional ? or it there a way to create a custom scope (gitlab auth uses read_user) and only provide this one ? 
Or am I stuck with keycloak 19 ?

I followed guides like this one to make my keycloak auth to mattermost : https://medium.com/@mrtcve/mattermost-teams-edition-replacing-gitlab-sso-with-keycloak-dabf13ebb99e


Thanks in advance for you help!

Regards,

Yannick

Reply all
Reply to author
Forward
0 new messages