...

Adding Keycloak IdP

In Keycloak, select the gv realm, then create a new Identity Provider by selecting Microsoft from the drop-down list:

...

Populate Client ID (this is the Application (client) ID in Azure) and Client Secret (this is the Value from Azure) using the values obtained in the previous steps.

...

Finally, copy the Redirect URI from Keycloak:

...

and add the Redirect URI link in the Azure App:

...

Info

If you do not want everyone to be able to connect using SSO, you can restrict the app to a certain group of users.

https://learn.microsoft.com/en-us/entra/identity-platform/howto-restrict-your-app-to-a-set-of-users

Test the functionality

Open a new Incognito window in a browser and go to https://{$your_ip_or_URL}/ui

...

Note

The last step is important: you need to allow “Consent on behalf of your organization” before clicking [Accept].

If you don’t, you will need to recreate the app from scratch.

This is what a failed attempt looks like:

[Screenshot: image-20240611-213058.png]

That is why it is recommended to test this in Incognito mode.

...

This should result in the Dashboard window being loaded:

...