diff --git a/docs/docs/guides/integrate/identity-providers/keycloak.mdx b/docs/docs/guides/integrate/identity-providers/keycloak.mdx
new file mode 100644
index 0000000000..d6e2aa4e40
--- /dev/null
+++ b/docs/docs/guides/integrate/identity-providers/keycloak.mdx
@@ -0,0 +1,69 @@
+---
+title: Configure Keycloak as an Identity Provider in ZITADEL
+sidebar_label: Keycloak generic OIDC
+id: keycloak
+---
+
+import GeneralConfigDescription from './_general_config_description.mdx';
+import Intro from './_intro.mdx';
+import CustomLoginPolicy from './_custom_login_policy.mdx';
+import IDPsOverview from './_idps_overview.mdx';
+import GenericOIDC from './_generic_oidc.mdx';
+import Activate from './_activate.mdx';
+import TestSetup from './_test_setup.mdx';
+
+
+
+## Keycloak Configuration
+
+### Register a new client
+
+1. Login to your Keycloak account and go to the clients list: <$KEYCLOAK-DOMAIN/auth/admin/$REALM/console/#/$REALM/clients>
+2. Click on "Create Client"
+3. Choose OpenID Connect as Client Type and give your client an ID
+4. Enable Client authentication and the standard flow and direct access grants as authentication flow
+5. Add the valid redirect URIs
+ - {your-domain}/ui/login/login/externalidp/callback
+ - Example redirect url for the domain `https://acme-gzoe4x.zitadel.cloud` would look like this: `https://acme-gzoe4x.zitadel.cloud/ui/login/login/externalidp/callback`
+6. Go to the credentials tab and copy the secret
+
+![Add new OIDC Client in Keycloak](/img/guides/keycloak_add_client.png)
+![Get Client Secret](/img/guides/keycloak_client_secret.png)
+
+## ZITADEL configuration
+
+### Add custom login policy
+
+
+
+### Go to the IdP providers overview
+
+
+
+### Create a new generic OIDC provider
+
+
+
+
+
+
+![Keycloak Provider](/img/guides/zitadel_keycloak_create_provider.png)
+
+### Activate IdP
+
+
+
+![Activate the Keycloak Provider](/img/guides/zitadel_activate_keycloak.png)
+
+## Test the setup
+
+
+
+
+![Keycloak Button](/img/guides/zitadel_login_keycloak.png)
+
+![Keycloak Login](/img/guides/keycloak_login.png)
diff --git a/docs/sidebars.js b/docs/sidebars.js
index a7513f905e..1c82d82852 100644
--- a/docs/sidebars.js
+++ b/docs/sidebars.js
@@ -244,6 +244,7 @@ module.exports = {
 "guides/integrate/identity-providers/openldap",
 "guides/integrate/identity-providers/migrate",
 "guides/integrate/identity-providers/okta",
+ "guides/integrate/identity-providers/keycloak",
 ],
 },
 {
diff --git a/docs/static/img/guides/keycloak_add_client.png b/docs/static/img/guides/keycloak_add_client.png
new file mode 100644
index 0000000000..83c8832e2c
Binary files /dev/null and b/docs/static/img/guides/keycloak_add_client.png differ
diff --git a/docs/static/img/guides/keycloak_client_secret.png b/docs/static/img/guides/keycloak_client_secret.png
new file mode 100644
index 0000000000..a110510420
Binary files /dev/null and b/docs/static/img/guides/keycloak_client_secret.png differ
diff --git a/docs/static/img/guides/keycloak_login.png b/docs/static/img/guides/keycloak_login.png
new file mode 100644
index 0000000000..05459b7d84
Binary files /dev/null and b/docs/static/img/guides/keycloak_login.png differ
diff --git a/docs/static/img/guides/zitadel_activate_keycloak.png b/docs/static/img/guides/zitadel_activate_keycloak.png
new file mode 100644
index 0000000000..af170087ca
Binary files /dev/null and b/docs/static/img/guides/zitadel_activate_keycloak.png differ
diff --git a/docs/static/img/guides/zitadel_keycloak_create_provider.png b/docs/static/img/guides/zitadel_keycloak_create_provider.png
new file mode 100644
index 0000000000..2f3d322ac6
Binary files /dev/null and b/docs/static/img/guides/zitadel_keycloak_create_provider.png differ
diff --git a/docs/static/img/guides/zitadel_login_keycloak.png b/docs/static/img/guides/zitadel_login_keycloak.png
new file mode 100644
index 0000000000..a52a1da03d
Binary files /dev/null and b/docs/static/img/guides/zitadel_login_keycloak.png differ