Differences

This shows you the differences between two versions of the page.

--- linux_server_manuals:nextcloud_saml_authentication_against_keycloak [2023/06/25 17:01] – admin
+++ linux_server_manuals:nextcloud_saml_authentication_against_keycloak [2023/06/25 17:03] – admin
@@ Line 1: / Line 1: @@
 ====== Keycloak as (SAML) SSO-Authentication provider for Nextcloud ======
-We can use Keycloak as SSO (Single Sign On) authentication provider for nextcloud using SAML. <del>Unfortunately the SAML plugin for nextcloud doesn't support groups (yet?). If you need/want to use them, you can get them over LDAP. Therefor you want to use [[:linux_server_manuals:keycloak_openldap_integration|LDAP federation in Keycloak]] and before setting up the SAML authentication, set up the [[:linux_server_manuals:nextcloud_ldap_integration| LDAP connection in Nextcloud.]]</del> Newer Versions of the SAML plugin are able to get the groups from Keycloak and also to restrict by them.
+We can use Keycloak as SSO (Single Sign On) authentication provider for nextcloud using SAML. <del>Unfortunately the SAML plugin for nextcloud doesn't support groups (yet?). If you need/want to use them, you can get them over LDAP. Therefor you want to use [[:linux_server_manuals:keycloak_openldap_integration|LDAP federation in Keycloak]] and before setting up the SAML authentication, set up the [[:linux_server_manuals:nextcloud_ldap_integration| LDAP connection in Nextcloud.]]</del> Newer Versions of the SAML plugin are able to get the groups from Keycloak and also to restrict by them. Unfortunately they aren't able to get first and last name from keycloak, but expect the Full Name (Displayname) to be provided. Which keycloak in the newer versions doesn't provide in an easy way (You need to upload your own SPI).
 Before anything else you should have a working Keycloak installation ;-) : [[:linux_server_manuals:docker_keycloak_container_with_local_postgresql|]]