Skip to content
Snippets Groups Projects
Select Git revision
  • 9ed83fb694d9c3e90bdc8ca162d583241a0176bb
  • main default protected
  • sysadmin-154-healthcheck
  • anthony-main-patch-96418
4 results

keycloak

Elian Loraux's avatar
Elian Loraux authored
9ed83fb6
History

Keycloak

This is dockerised Keycloak system. Keycloak support openid_connect. It's designed to be connected to a Dolibarr instance and other partners applciations.

Setting up your environement

  1. Clone this repository
  2. cp .env.sample .env
  3. Edit .env (host, keycloak admin credential and MariaDB password)

Launch environement

docker-compose up

Configuration

Create realm, first user and connect first application

Follow the official get started tutorial

Link a Dolibarr instance to Keycloak

Prerequisites

Set un dockerised Dolibarr

Set up Dolibarr

To set up SSO with dolibarr you need folow this insctruction :

  1. Create user with the same username in dolibarr and keycloak
  2. Generate the dolibarr variable with dolibarr_variables.py. If you don't know where to find the information requested by the script, see Prerequisites
  3. Put generated variables in Dolibarr > Setup > Other Setup
  4. Configure the authentication methods in conf.php (dolibarr_src/htdocs/conf/conf.php) and add openid_connect. $dolibarr_main_authentication='openid_connect'
  • In dev : choose username matching : preferred_username
  • In prod : Choose mail matching method

For many information, follow the dolibarr tutorial

Final config KeyCloak Dolibarr for Prod (WIP)

  • In Realm settings > Login, check following options
    • Forgot password
    • Remember me
    • Email as username
    • login with email
    • verify email
  • Realm settings > Email, configur your SMTP parameters + mail informations
  • Realm settings > Theme, add your custom theme
  • If needed create users group
  • Create your users
  • Client > account-console > sttings
    • Set web origins to *