You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
While the OIDC page gives a lot of information on the login process using OIDC,
it is lacking any real world code examples and always refers omitted parts where an
external system is referenced.
Since many facilities employ Keycloak as an OIDC provider (maybe even with Google / Github IdPs
connected in the backend) it would make sense to describe the complete setup with OIDC using Keycloak
including all the steps that are needed on the Keycloak side to map groups into Scicat.
Describe the solution you'd like
The OIDC section should be rewitten with a focus on Keycloak and its groups in the AccessToken via a separate claim.
The Google Auth Provider can also be mentioned but mostlty the authentication part is not the difficult part, it is the authorization part which causes issues.
Describe alternatives you've considered
Instead the callback section could be changed such that there is a more clear explanation how to augment the user information using standard OIDC claims etc.
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe.
While the OIDC page gives a lot of information on the login process using OIDC,
it is lacking any real world code examples and always refers omitted parts where an
external system is referenced.
Since many facilities employ Keycloak as an OIDC provider (maybe even with Google / Github IdPs
connected in the backend) it would make sense to describe the complete setup with OIDC using Keycloak
including all the steps that are needed on the Keycloak side to map groups into Scicat.
Describe the solution you'd like
The OIDC section should be rewitten with a focus on Keycloak and its groups in the AccessToken via a separate
claim.The Google Auth Provider can also be mentioned but mostlty the authentication part is not the difficult part, it is the authorization part which causes issues.
Describe alternatives you've considered
Instead the callback section could be changed such that there is a more clear explanation how to augment the user information using standard OIDC claims etc.
The text was updated successfully, but these errors were encountered: