2.6 KiB
		
	
	
	
	
	
	
	
			
		
		
	
	| title | description | slug | collate | 
|---|---|---|---|
| Implicit flow of Keyclock | Official Documentation | Configure Keycloak’s Implicit Flow to support secure, frontend-based token issuance for fast browser-based authentication workflows. | /deployment/security/keycloak/implicit-flow | false | 
Implicit Flow
Step 1: Create OpenMetadata as a new Client
- Click on Clientsin the menu.
- Click on Create Clientbutton.
- Select the Client type.
- Enter the Client ID.
- Enter the Name and Description (Optional).
- Click on Nextbutton.
{% image src="/images/v1.9/deployment/security/keycloak/keycloak-step-3.png" alt="add-client" /%}
Step 2: Edit Configs of the client
- Select Standard flowandImplicit flowas anAuthentication flow.
- Click Next.
{% image src="/images/v1.9/deployment/security/keycloak/implicit-keycloak-step-4.png" alt="compatibility configs" /%}
Step 3: Add Login Settings
- fill the required options
{% image src="/images/v1.9/deployment/security/keycloak/keycloak-step-5.png" alt="edit-settings-url.png" /%}
- Click on Savebutton.
{% note %}
Note: Scopes openid, email & profile are required to fetch the user details so you will have to add these scopes in your client.
{% /note %}
After the applying these steps, the users in your realm are able to login in the openmetadata, as a suggestion create a user called "admin-user". Now you can update the configuration of your deployment:
{% inlineCalloutContainer %} {% inlineCallout color="violet-70" icon="celebration" bold="Docker Security" href="/deployment/security/keycloak/docker" %} Configure Keycloak SSO for your Docker Deployment. {% /inlineCallout %} {% inlineCallout color="violet-70" icon="storage" bold="Bare Metal Security" href="/deployment/security/keycloak/bare-metal" %} Configure Keycloak SSO for your Bare Metal Deployment. {% /inlineCallout %} {% inlineCallout color="violet-70" icon="fit_screen" bold="Kubernetes Security" href="/deployment/security/keycloak/kubernetes" %} Configure Keycloak SSO for your Kubernetes Deployment. {% /inlineCallout %} {% /inlineCalloutContainer %}
{% note %} A dockerized demo for showing how this SSO works with OpenMetadata can be found here. {% /note %}
{% inlineCalloutContainer %} {% inlineCallout color="violet-70" icon="MdArrowBack" bold="KeyCloak" href="/deployment/security/keycloak" %} Go to KeyCloak Configuration {% /inlineCallout %} {% /inlineCalloutContainer %}
