Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Following the OAuth 2.0 standard, ModelOp Center requires the following Keycloak configurations for a successful integration:

  1. LDAP Provider

  2. (Custom) Client Scope

    1. modelop_client

  3. Groups Mapper

  4. Clients

    1. gateway-service

    2. internal-client

    3. go-cli

    4. external-integration-client

Proposed
Client
ID

Access
Type

Grant Type

Valid Redirect URIs

Default
Client Scopes

Optional
Client Scopes

gateway-service

Confidential

  • Authorization Code Flow

    • Standard Flow Enabled: ON

  • <ModelOp Center URL>

  • <ModelOp Center URL>/login/oauth2/code/gateway-service

  • email

  • openid

  • profile

internal-client

Confidential

  • Client Credentials Grant

    • Service Accounts Enabled: ON

  • modelop_client

go-cli

Confidential

  • Resource Owner Password Credentials Grant

    • Direct Access Grants Enabled: ON

  • openid

  • profile

  • email

external-integration-client

Public

  • Implicit Flow

    • Implicit Flow Enabled: ON

  • <ModelOp Center URL>/modelOpWDC.html

  • <ModelOp Center URL>/jupyterOauth2ImplicitGrant.html

  • https://oauth.powerbi.com/views/oauthredirect.html

  • openid

  • profile

  • email

Required User Attributes

  • Family name

  • Given name

  • User name

  • Email

  • Group(s)

Keycloak Guide

For instructions on how to create the custom modelop_client scope and groups mapper, please follow the Keycloak: How-to guide.

  • No labels