yujunjun/OpenMetadata
1
0
Fork 0
mirror of https://github.com/open-metadata/OpenMetadata.git synced 2025-07-07 00:58:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
OpenMetadata/openmetadata-docs/content/v1.6.x/deployment/security/keycloak/auth-code-flow.md
tarunpandey23 21ca28782f
feat: Updated And Refactor Docs (#19211) 
* Updated Docs

* Updated

* updated image versions

---------

Co-authored-by: Tarun <tarun.p@deuexsolutions.com>
Co-authored-by: Prajwal214 <167504578+Prajwal214@users.noreply.github.com>
2025-01-03 12:40:07 +00:00

2.5 KiB
Raw Permalink Blame History

title slug collate
Auth code flow of Keyclock /deployment/security/keycloak/auth-code-flow false

Auth Code Flow

Step 1: Create OpenMetadata as a new Client

  • Click on Clients in the menu.
  • Click on Create Client button.
  • Select the Client type.
  • Enter the Client ID.
  • Enter the Name and Description (Optional).
  • Click on Next button.

{% image src="/images/v1.6/deployment/security/keycloak/keycloak-step-3.png" alt="add-client" /%}

Step 2: Edit Configs of the client

  • Enable Client authentication and Authorization.
  • Select Standard flow as an Authentication flow.
  • Click Next.

{% image src="/images/v1.6/deployment/security/keycloak/keycloak-step-4.png" alt="compatibility configs" /%}

Step 3: Add Login Settings

  • fill the required options

{% image src="/images/v1.6/deployment/security/keycloak/keycloak-step-5.png" alt="edit-settings-url.png" /%}

  • Click on Save button.

{% note %}

Note: Scopes openid, email & profile are required to fetch the user details so you will have to add these scopes in your client.

{% /note %}

Step 3: Where to Find the Credentials

  • Navigate to the Credentials tab.
  • You will find your Client Secret related to the Client id "open-metadata"

{% image src="/images/v1.6/deployment/security/keycloak/keycloak-step-6.png" alt="client-credentials" /%}

After the applying these steps, the users in your realm are able to login in the openmetadata, as a suggestion create a user called "admin-user". Now you can update the configuration of your deployment:

{% inlineCalloutContainer %} {% inlineCallout color="violet-70" icon="celebration" bold="Docker Security" href="/deployment/security/keycloak/docker" %} Configure Keycloak SSO for your Docker Deployment. {% /inlineCallout %} {% inlineCallout color="violet-70" icon="storage" bold="Bare Metal Security" href="/deployment/security/keycloak/bare-metal" %} Configure Keycloak SSO for your Bare Metal Deployment. {% /inlineCallout %} {% inlineCallout color="violet-70" icon="fit_screen" bold="Kubernetes Security" href="/deployment/security/keycloak/kubernetes" %} Configure Keycloak SSO for your Kubernetes Deployment. {% /inlineCallout %} {% /inlineCalloutContainer %}

{% inlineCalloutContainer %} {% inlineCallout color="violet-70" icon="MdArrowBack" bold="KeyCloak" href="/deployment/security/keycloak" %} Go to KeyCloak Configuration {% /inlineCallout %} {% /inlineCalloutContainer %}