yujunjun/OpenMetadata
1
0
Fork 0
mirror of https://github.com/open-metadata/OpenMetadata.git synced 2025-07-08 17:50:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
OpenMetadata/openmetadata-docs/content/v1.7.x/deployment/security/keycloak/auth-code-flow.md
Pere Miquel Brull 34fbe5d64c
Docs - Prepare 1.7 docs and 1.8 snapshot (#20882) 
* DOCS - Prepare 1.7 Release and 1.8 SNAPSHOT

* DOCS - Prepare 1.7 Release and 1.8 SNAPSHOT
2025-04-18 12:12:17 +05:30

2.5 KiB
Raw Permalink Blame History

title slug collate
Auth code flow of Keyclock /deployment/security/keycloak/auth-code-flow false

Auth Code Flow

Step 1: Create OpenMetadata as a new Client

  • Click on Clients in the menu.
  • Click on Create Client button.
  • Select the Client type.
  • Enter the Client ID.
  • Enter the Name and Description (Optional).
  • Click on Next button.

{% image src="/images/v1.7/deployment/security/keycloak/keycloak-step-3.png" alt="add-client" /%}

Step 2: Edit Configs of the client

  • Enable Client authentication and Authorization.
  • Select Standard flow as an Authentication flow.
  • Click Next.

{% image src="/images/v1.7/deployment/security/keycloak/keycloak-step-4.png" alt="compatibility configs" /%}

Step 3: Add Login Settings

  • fill the required options

{% image src="/images/v1.7/deployment/security/keycloak/keycloak-step-5.png" alt="edit-settings-url.png" /%}

  • Click on Save button.

{% note %}

Note: Scopes openid, email & profile are required to fetch the user details so you will have to add these scopes in your client.

{% /note %}

Step 3: Where to Find the Credentials

  • Navigate to the Credentials tab.
  • You will find your Client Secret related to the Client id "open-metadata"

{% image src="/images/v1.7/deployment/security/keycloak/keycloak-step-6.png" alt="client-credentials" /%}

After the applying these steps, the users in your realm are able to login in the openmetadata, as a suggestion create a user called "admin-user". Now you can update the configuration of your deployment:

{% inlineCalloutContainer %} {% inlineCallout color="violet-70" icon="celebration" bold="Docker Security" href="/deployment/security/keycloak/docker" %} Configure Keycloak SSO for your Docker Deployment. {% /inlineCallout %} {% inlineCallout color="violet-70" icon="storage" bold="Bare Metal Security" href="/deployment/security/keycloak/bare-metal" %} Configure Keycloak SSO for your Bare Metal Deployment. {% /inlineCallout %} {% inlineCallout color="violet-70" icon="fit_screen" bold="Kubernetes Security" href="/deployment/security/keycloak/kubernetes" %} Configure Keycloak SSO for your Kubernetes Deployment. {% /inlineCallout %} {% /inlineCalloutContainer %}

{% inlineCalloutContainer %} {% inlineCallout color="violet-70" icon="MdArrowBack" bold="KeyCloak" href="/deployment/security/keycloak" %} Go to KeyCloak Configuration {% /inlineCallout %} {% /inlineCalloutContainer %}