OpenShift 3

Procedure

  1. Click Identity Providers in the menu.

  2. From the Add provider list, select Openshift.

    Add identity provider

    Add Identity Provider

  3. Copy the value of Redirect URI to your clipboard.

  4. Register your client using the oc command-line tool.

    $ oc create -f <(echo '
kind: OAuthClient
apiVersion: v1
metadata:
 name: kc-client (1)
secret: "..." (2)
redirectURIs:
 - "http://www.example.com/" (3)
grantMethod: prompt (4)
')
1 The name of your OAuth client. Passed as client_id request parameter when making requests to <openshift_master>/oauth/authorize and <openshift_master>/oauth/token.
2 The secret Keycloak uses for the client_secret request parameter.
3 The redirect_uri parameter specified in requests to <openshift_master>/oauth/authorize and <openshift_master>/oauth/token must be equal to (or prefixed by) one of the URIs in redirectURIs. You can obtain this from the Redirect URI field in the Identity Provider screen
4 The grantMethod Keycloak uses to determine the action when this client requests tokens but has not been granted access by the user.

  1. In Keycloak, paste the value of the Client ID into the Client ID field.

  2. In Keycloak, paste the value of the Client Secret into the Client Secret field.

  3. Click Add.