You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+27Lines changed: 27 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -18,6 +18,7 @@ This README file contains the following main sections:
18
18
+[Dropbox](#dropbox)
19
19
+[Github](#github)
20
20
+[Google](#google)
21
+
+[Keycloak](#keycloak)
21
22
+[Joomla](#joomla)
22
23
+[Nextcloud](#nextcloud)
23
24
+[Spotify](#spotify)
@@ -218,6 +219,32 @@ Google_clientSecret='xxx'
218
219
+**Google_clientSecret**='...' (value shown in Google, like described above)
219
220
+ Press the "OK" button in the Google browser page
220
221
222
+
### Keycloak
223
+
+ Log into your Keycloak administration backend and select or create a realm
224
+
+ Create a new client with "Client" / "Create client"
225
+
+ In "General settings" enter a "Client ID" and select "OpenID Connect" for "Client type"
226
+
+ In "Capability config" switch on "Client authentication" and "Authorization". For "Authentication flow" activate "Standard flow".
227
+
* Note: Any time switching on/off the "Client authentification", the "Client credentials" (e.g. "Client Secret") will also be modified/updated. Therefore, you will need to update the "Client Secret" in the webtrees config.ini.php accordingly; otherwise the authentification might fail.
228
+
+ In "Login settings", enter the "Valid redirect URIs". See chapter [General Configuration](#general-configuration) about how to get the redirect URL from the webtrees custom module settings.
229
+
+ Press "Save" button.
230
+
+ With "Client Scopes" / "New client scope", create an additional "openid" scope (if it does not exist already).
231
+
+ Enable the "include in token scope" slider for the additional "openid" scope.
232
+
+ In "Clients" / "Client scopes" / "Add client scopes", add the additional "openid" scope to the webtrees client as "Default" scope.
233
+
+ Open your webtrees config.ini.php file and add the following lines (copy/paste to the end):
234
+
```PHP
235
+
Keycloak_clientId='xxx'
236
+
Keycloak_clientSecret='xxx'
237
+
Keycloak_authServerUrl='xxx'
238
+
Keycloak_realm='xxx'
239
+
Keycloak_signInButtonLabel='xxx'
240
+
```
241
+
+ Insert the configuration details from your Keycloak installation into the newly included configuration lines of your config.ini.php file:
242
+
+**Keycloak_clientId**='...' (value for "Client ID" shown in Keycloak)
243
+
+**Keycloak_clientSecret**='...' (value for "Client Secret" shown in Keycloak, "Clients" / "Credentials" / "Client secret")
244
+
+**Keycloak_authServerUrl**='...' (URL of your Keycloak server)
245
+
+**Keycloak_realm**='xxx' (value for "Realm name" shown in Keycloak)
246
+
+**Keycloak_signInButtonLabel**='...' (the label, which shall be shown for the sign in button etc.)
247
+
221
248
### Joomla
222
249
+ Download the Joomla extension [joomla-oauth2-server](https://github.com/Jefferson49/joomla-oauth2-server/releases/latest)
223
250
+ Install the extension in the Joomla administration backend
0 commit comments