huly-selfhost icon indicating copy to clipboard operation
huly-selfhost copied to clipboard
verified publisher icon hcengineering

Could someboby tell me how configuring keycloak?

Open sor88 opened this issue 1 year ago • 1 comments

I can't configuring huly with keycloak.

sor88 avatar Oct 27 '24 19:10 sor88

I'm running v0.6.333 and this is how I have it setup:

This goes under account service:

 account:
   ...
   environment:
   ...
     - OPENID_CLIENT_ID=${AUTH_CLIENT_ID}
     - OPENID_CLIENT_SECRET=${AUTH_CLIENT_SECRET}
     - OPENID_ISSUER=${AUTH_URL}/realms/${AUTH_REALM}

AUTH_CLIENT_ID should be the "Client ID" you've setup in KeyCloak, in my case "huly-client" AUTH_CLIENT_SECRET you get from KeyCloak after you create your "Client ID" I have a custom AUTH_URL and a custom AUTH_REALM but if your spin the keycloak service inside the same docker compose you can use OPENID_ISSUER=https://keycloak/realms/master if you are using the "master" realm and your keycloak service name is "keycloak".

Note that you also have to setup the access urls in KeyCloak > Clients > (your client id, in my case it was "huly-client" ie: Root URL, Home URL and Valid redirect URIs In my case the Valid redirect URIs is different since the account service is running on a subdomain (not using the default nginx config provided by huly).

Make sure you check Client authentication > Authentication flow > Standard flow (checkbox)

Hope this helps

zaroot avatar Nov 06 '24 13:11 zaroot