Keycloak Configuration

Setup Keycloak for connector application

This step will help us configure keycloak with respect to different tenant 

Changes in IDHub realm identity providers

The changes in the Identity Providers will be explained in this section

Login to <http://yourdomain.com/auth>  to access the Keycloak UI 

Click on the Identity Providers section from the menu → Click on the client realm "Edit" button → Go to "Permission" section → Enable 

Now click on "Edit" button

Attach the connector policy by searching the name as connector-policy which is already created

 

Changes in client realm

The changes in this section will be done in the client created realm

Select the client realm from the top left drop down 

Now click on Clients menu → create a new client → Add client named "<Type>-connector" (in our case we named it as Ldap-connector, can be Db-connector or File-connector as well), which will be communicating to the IDHub connector client 
Below will be settings for the created "<Type>-connector"  

Also we need to create a user through which the communication would take place, preferably service account/user

Next step, is to set a permanent password for the user which will be required in the postman

Generate access token

Access token can be generated using Post Api call, using any software for example postman etc.

Below are the details which needs to be present

Method - POST

Url: https://<Domain name>/auth/realms/<Tenant-name>/protocol/openid-connect/token 

Body:

This ends the step of generating access token which will be used to place in the application.yaml file as downloaded from LDAP Connector file in the Website