Set up Keycloak IdP for OAuth/OIDC
Learn how to set up Keycloak as your Identity Provider for Reltio OAuth2/OIDC.
Keycloak IdP configuration
Configure an endpoint for a Keycloak Identity Provider (IdP) in the following format. For details on the parameters in this example, see the topic Set up an IdP for OAuth/OIDC.
For information on how this IdP interacts with the Reltio Hub and OAuth services to enable Single Sign On for your users, see the topic OAuth 2.0/OpenID Connect (OIDC) Single Sign On (SSO).
{
  "providerId": "KeycloakProvider",
  "loginEndpoint": "https://xxx/realms/<realms name>/protocol/openid-connect/auth",
  "tokenEndpoint": "https://xxx/realms/<realms name>/protocol/openid-connect/token",
  "revokeEndpoint": "https://xxx/realms/<realms name>/protocol/openid-connect/revoke",
  "userInfoEndpoint": "https://xxx/realms/<realms name>/protocol/openid-connect/userinfo",
  "callbackEndpoint": "https://auth.reltio.com/oauth/callback",
  "clientId": "xxx",
  "clientSecret": "xxxxxx",
  "scope": "openid profile",
  "userIdMapping": "email",
  "userEmailMapping": "email",
  "userRoleMapping": "roles",
  "userRoleRegexp": "CN=([a-zA-Z0-9_]).?",
  "defaultNewUserRoleList": [
    "ROLE_API",
    "ROLE_USER"
  ],
  "tenants": [
    <tenant Id>
  ],
  "defaultGroups": [],
  "userGroupsMapping": "groups",
  "userGroupRegExp": "/OU=([a-zA-Z0-9_]).?",
  "rolePerTenantSsoEnabled": false,
  "sendClientCredentialsInBody": false
}
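A Keycloak realm publishes its endpoints in an OIDC discovery document at /realms/<realm name>/.well-known/openid-configuration. The following added example (not Reltio code) compares the four endpoint values and the scope in a configuration like the one above against that document before the configuration is submitted. The function name, host, and realm are assumptions, and the discovery document is a constructed sample embedded inline so the check runs offline.

```python
from urllib.parse import urlsplit

# Reltio config key -> field name in the OIDC discovery document
ENDPOINT_MAP = {
    "loginEndpoint": "authorization_endpoint",
    "tokenEndpoint": "token_endpoint",
    "revokeEndpoint": "revocation_endpoint",
    "userInfoEndpoint": "userinfo_endpoint",
}

def check_idp_config(config, discovery):
    """Return a list of findings; an empty list means the values line up."""
    findings = []
    issuer_host = urlsplit(discovery["issuer"]).netloc
    for cfg_key, meta_key in ENDPOINT_MAP.items():
        configured = config.get(cfg_key, "")
        published = discovery.get(meta_key)
        url = urlsplit(configured)
        if url.scheme != "https":
            findings.append(f"{cfg_key}: not an https URL")
        if url.netloc != issuer_host:
            findings.append(f"{cfg_key}: host differs from issuer host {issuer_host}")
        if published is None:
            findings.append(f"{cfg_key}: realm does not publish {meta_key}")
        elif configured.rstrip("/") != published.rstrip("/"):
            findings.append(f"{cfg_key}: realm publishes {published}")
    if "openid" not in config.get("scope", "").split():
        findings.append("scope: 'openid' is missing")
    return findings

# Constructed sample data: host and realm are placeholders, not real values.
BASE = "https://keycloak.example.com/realms/demo"
SAMPLE_DISCOVERY = {
    "issuer": BASE,
    "authorization_endpoint": f"{BASE}/protocol/openid-connect/auth",
    "token_endpoint": f"{BASE}/protocol/openid-connect/token",
    "revocation_endpoint": f"{BASE}/protocol/openid-connect/revoke",
    "userinfo_endpoint": f"{BASE}/protocol/openid-connect/userinfo",
}
SAMPLE_CONFIG = {
    "loginEndpoint": f"{BASE}/protocol/openid-connect/auth",
    "tokenEndpoint": f"{BASE}/protocol/openid-connect/token",
    # Constructed mistake: the /realms path segment is dropped.
    "revokeEndpoint": BASE.replace("/realms", "") + "/protocol/openid-connect/revoke",
    "userInfoEndpoint": f"{BASE}/protocol/openid-connect/userinfo",
    "scope": "openid profile",
}

if __name__ == "__main__":
    print("\n".join(check_idp_config(SAMPLE_CONFIG, SAMPLE_DISCOVERY)))
```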