linux_server_manuals:nextcloud_saml_authentication_against_keycloak
Differences
This shows you the differences between two versions of the page.
linux_server_manuals:nextcloud_saml_authentication_against_keycloak [2023/06/25 17:03] – admin | linux_server_manuals:nextcloud_saml_authentication_against_keycloak [2023/06/25 17:24] (current) – admin | ||
---|---|---|---|
Line 25: | Line 25: | ||
|**URL location of the IdP for SLO ** |< | |**URL location of the IdP for SLO ** |< | ||
|**Public x.509 certificate of the IdP** | |Copy here the public certificate of keycloak which you can find in **realm settings/ | |**Public x.509 certificate of the IdP** | |Copy here the public certificate of keycloak which you can find in **realm settings/ | ||
+ | |**Attribute to map the email to** |email| | | ||
+ | |**Attribute to map the User groups to** |Role|if you want to get the roles from keycloak. if you want to get the groups, use member, otherwise leave empty| | ||
|**Indicates whether the < | |**Indicates whether the < | ||
|**Indicates whether the < | |**Indicates whether the < | ||
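Review bot: In the added "Attribute to map the User groups to" row, the comment offers `member` as the value for groups, but no mapper visible in this diff emits an attribute with that name; the only one shown is the role list mapper with attribute name `Role`. Either say which Keycloak mapper produces `member` or drop the alternative, and state that the value entered here must match the mapper's attribute name exactly. The comment cell would also read better as full sentences ("If you want ...", "Keycloak").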
Line 41: | Line 43: | ||
Now below Assigned client scope click on the URL **< | Now below Assigned client scope click on the URL **< | ||
- | Then go to the **Client scopes** tab. If you don't need the role_list scope, just delete it. If you want to map roles, go to the Keycloak Menu **Client Scopes** click on **role list** (or create a new scope, if you already use this one for an other SAML client), then go to **Mappers/ | + | Then create multiple new mappers: **add Mapper/by configuration/ |
- | + | ||
- | Then create multiple new mappers: **add Mapper/by configuration/ | + | |
^setting^value| | ^setting^value| | ||
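Review bot: The removed paragraph on the left carried two instructions that the replacement line does not visibly retain: deleting the role_list scope when it is not needed, and creating a new scope when role list is already in use by another SAML client. If role mapping is now optional and described at the end of the page, keep a sentence there telling readers who do not map roles what to do with the default role_list scope, and keep the caveat about sharing that scope between SAML clients.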
Line 57: | Line 57: | ||
|**SAML attribute name format** |basic| | |**SAML attribute name format** |basic| | ||
- | So now everything should be working. Try to log in. If it doesn' | + | If you want to map the roles or groups to nextcloud |
- | < | + | |
- | + | ||
- | docker log keycloak | + | |
- | + | ||
- | </ | + | |
+ | ^setting^value| | ||
+ | |**name** |role list| | ||
+ | |** | ||
+ | Role attribute name ** |Role| | ||
+ | |**SAML attribute name format** |basic| | ||
+ | |** | ||
+ | Single Role Attribute ** |on| | ||
+ | So now everything should be working. Try to log in. If it doesn' | ||
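Review bot: The added rows for "Role attribute name" and "Single Role Attribute" break right after the opening `|**`, so the bold marker and the cell content sit on separate lines and the row will not render as one table row; keep each on a single line, for example `|**Role attribute name** |Role|`. The value `Role` in this table has to stay identical to the "Attribute to map the User groups to" value added in the first hunk, which is worth saying next to the table. The removed troubleshooting block used `docker log keycloak`; if that hint is kept anywhere, the Docker subcommand is `docker logs`.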
linux_server_manuals/nextcloud_saml_authentication_against_keycloak.txt · Last modified: 2023/06/25 17:24 by admin