==================================
Keycloak Formula
==================================
Service keycloak description
Sample Metadata
===============
Single keycloak service
.. code-block:: yaml
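# Minimal metadata: only switches the keycloak server role on; no realm,
# client or federation settings are defined in this sample.
keycloak:
  server:
    enabled: true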
Keycloak service with realm using LDAP identity provider
.. code-block:: yaml
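# Sample metadata: one realm ("ldap-realm") with a confidential OIDC client
# and an LDAP user-federation provider. All values are illustrative.
# NOTE(review): the nesting was restored from a flattened listing and follows
# Keycloak's realm model (clients, federation providers and federation
# mappers belong to the realm; protocol mappers belong to a client) --
# confirm it against the formula's schema.
keycloak:
  server:
    realm:
      ldap-realm:
        enabled: true
        id: ldap-realm
        client:
          ldap-app:
            enabled: true
            base_url: /ldap-portal
            # Wildcard redirect pattern: every path under /ldap-portal/ is an
            # accepted redirect target. List exact callback URIs where the
            # application allows it.
            redirect_uris:
              - /ldap-portal/*
            # "*" accepts any origin for CORS. Replace it with the
            # application's own origin(s) outside of a demo setup.
            web_origins:
              - "*"
            # Confidential client: it authenticates with the secret below.
            public_client: false
            admin_url: /ldap-portal
            # Placeholder only. Generate a random secret per client and supply
            # it from an encrypted or secret-backed source rather than keeping
            # it in plaintext metadata under version control.
            secret: password
            # Maps user-model properties to OIDC token claims.
            protocol_mapper:
              oidc-usermodel-property-mapper:
                username:
                  name: username
                  user_attribute: username
                  claim_name: preferred_username
                given_name:
                  name: given name
                  user_attribute: firstName
                  claim_name: given_name
                family_name:
                  name: family name
                  user_attribute: lastName
                  claim_name: family_name
                email:
                  name: email
                  user_attribute: email
                  claim_name: email
              oidc-full-name-mapper:
                full_name:
                  name: full_name
        federation_provider:
          ldap:
            display_name: ldap-server
            users_dn: ou=people,dc=keycloak,dc=org
            user_object_classes: inetOrgPerson, organizationalPerson
            username_ldap_attribute: uid
            # The sample binds as the directory admin. With
            # edit_mode: READ_ONLY a dedicated account that can only search
            # and read the user and group subtrees is sufficient.
            bind_dn: cn=admin,dc=keycloak,dc=org
            # Placeholder only. Treat the bind password like the client
            # secret above: never commit the real value in plaintext.
            bind_credential: password
            rdn_ldap_attribute: uid
            edit_mode: READ_ONLY
            uuid_ldap_attribute: entryUUID
            # ldap:// is unencrypted; the bind credential and user passwords
            # checked against the directory travel over this connection.
            # Acceptable for a localhost test server; use ldaps:// or
            # StartTLS for any remote directory.
            connection_url: ldap://localhost:10389
            sync_registrations: false
        federation_mapper:
          # Each mapper names its provider through provider_display_name,
          # which matches display_name of the provider above.
          user-attribute-ldap-mapper:
            username:
              name: username
              provider_display_name: ldap-server
              ldap_attribute: uid
              model_attribute: username
              mandatory: true
              read_only: false
              always_read: false
            first_name:
              name: first name
              provider_display_name: ldap-server
              ldap_attribute: cn
              model_attribute: firstName
              mandatory: true
              read_only: false
              always_read: false
            last_name:
              name: last name
              provider_display_name: ldap-server
              ldap_attribute: sn
              model_attribute: lastName
              mandatory: true
              read_only: false
              always_read: false
            email:
              name: email
              provider_display_name: ldap-server
              ldap_attribute: mail
              model_attribute: email
              mandatory: false
              read_only: false
              always_read: false
          role-ldap-mapper:
            realm_roles:
              name: realm roles
              provider_display_name: ldap-server
              # NOTE(review): this suffix (dc=cicd,dc=local) differs from
              # users_dn and bind_dn (dc=keycloak,dc=org) -- confirm which
              # base DN is intended.
              roles_dn: ou=groups,dc=cicd,dc=local
              membership_ldap_attribute: member
              role_name_ldap_attribute: cn
              role_object_classes: groupOfNames
              mode: LDAP_ONLY
              # Presumably LDAP group membership under roles_dn becomes realm
              # role membership, so write access to that subtree amounts to
              # realm role administration -- restrict it accordingly.
              realm_roles_mapping: true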
References
==========
* A link to the documentation
* A link to the home page
* A link to the source code