Unify and manage your data

Set up Keycloak IdP for OAuth/OIDC

Learn how to set up Keycloak as your Identity Provider for Reltio OAuth2/OIDC.

Keycloak IDP configuration

Configure an endpoint for a Keycloak Identity Provider (IdP) in the following format. For details on the parameters in this example, see topic Set up an IdP for OAuth/OIDC.

For information on how this IDP interacts with the Reltio Hub and OAuth services to enable Single Sign On for your users, see topicOAuth 2.0/OpenID Connect (OIDC) Single Sign On (SSO).

{
    "providerId": "KeycloakProvider",
    "loginEndpoint": "https://xxx/realms/<realms name>/protocol/openid-connect/auth",
    "tokenEndpoint": "https://xxx/realms/<realms name>/protocol/openid-connect/token",
    "revokeEndpoint": "https://xxx/<realms name>/protocol/openid-connect/revoke",
    "userInfoEndpoint":"https://xxx/<realms name>/protocol/openid-connect/userinfo",
    "callbackEndpoint": "https://auth.reltio.com/oauth/callback",
    "clientId": "xxx",
    "clientSecret":"xxxxxx",
    "scope": "openid profile",
    "userIdMapping": "email",
    "userEmailMapping": "email",
    "userRoleMapping": "roles",
    "userRoleRegexp": "CN=([a-zA-Z0-9_]).?",
    "defaultNewUserRoleList": [
        "ROLE_API",
        "ROLE_USER"
    ],
    "tenants": [
        <tenant Id>
    ],
    "defaultGroups": [],
    "userGroupsMapping": "groups",
    "userGroupRegExp": "/OU=([a-zA-Z0-9_]).?",
     "rolePerTenantSsoEnabled": false,
    "sendClientCredentialsInBody": false
}