OAuth2 configuration with Keycloak

[olivierBlanc]

I would like to integrate Keycloak authentification in Kanboard.
But I cannot figure out the steps to configure both Keycloak and Kanboard OAuth2 plugin.
Does anyone has documentation on that ?

Configuration

• Plugin version: 2f20dfe
• Kanboard version: v1.2.19
• Database type and version: postgres 11.11
• PHP version: 7.4.15
• OS: Linux / Docker
• Browser: Brave

[jrb0001]

Keycloak->Client->Settings:

Client ID: <any value, copy for kanboard>
Enabled: checked
Client Protocol: openid-connect
Access Type: confidential
Valid Redirect URIs: https://<kanboard>/oauth/callback
Base URL: https://<kanboard>/
Admin URL: https://<kanboard>/
Web Origins: https://<kanboard>/

Keycloak->Client->Credentials:

Client Authenticator: Client Id and Secret
Secret: <generated, copy for kanboard>

Keycloak->Client->Client Scopes:

Default Client Scopes: email profile

Keycloak->Client->Scope Mappings:

Full Scope Allowed: unchecked

Kanboard:

Callback URL: https://<kanboard>/oauth/callback
Client ID: <as defined in keycloak>
Client Secret: <as defined in keycloak>
Authorize URL: https://<keycloak>/realms/<realm>/protocol/openid-connect/auth
Token URL: https://<keycloak>/realms/<realm>/protocol/openid-connect/token
User API URL: https://<keycloak>/realms/<realm>protocol/openid-connect/userinfo
Scopes: openid profile email
Username Key: preferred_username
Name Key: name
Email Key: email
User ID Key: sub

[luismanson]

It works for me. Thanks!

[Cyphers171]

Sorry to hijack the issue, but I was able to configure oatuh with keycloak, but I cannot use the field group filter with a wildcard, like group-*. Theres a way to use wildcard?

If necessary I open another issue.

Thanks in advance

[babvin]

After providing the right username and password from keycloak login page still error is shown on the screen

Under user sessions successful login of the user is shown

[thenicejake]

@babvin Did you find any solution?
I ran into the same issue with Keycloak.
Thanks in advance.