Keycloak
Following the OAuth 2.0 standard, ModelOp Center requires the following Keycloak configurations for a successful integration:
LDAP Provider
(Custom) Optional Client Scope
modelop_client
LDAP Mapper
Clients
gateway-service
internal-client
go-cli
external-integration-client
Proposed | Access | Grant Type | Valid Redirect URIs | Default | Optional |
---|---|---|---|---|---|
gateway-service | Confidential |
|
|
|
|
internal-client | Confidential |
|
|
|
|
go-cli | Confidential |
|
|
|
|
external-integration-client | Public |
|
|
|
|
NOTE: Once the internal-client
is created, please assign the modelop_client
scope as an optional client scope by following these steps:
Open “Clients” tab
Open “internal-client”
Open “Client Scopes” tab
For the “Optional Client Scopes” box, select “modelop_client” and click on “Add selected”
Required User Attributes
Family name
Given name
User name
Email
Group(s)
Keycloak Guide
For instructions on how to create the custom modelop_client
scope and LDAP mapper, please follow the Keycloak: How-to guide.