Keycloak

Using the con terra Technologies Identity Service, service.monitor can delegate the authentication of people to Keycloak . This means that they can log in to service.monitor using their Keycloak account.

Establish connection between service.monitor and Keycloak

The connection of service.monitor with Keycloak is done in two steps.

Step 1: Install and configure Identity Service

In this step, you install and configure the Identity Service as a separate web application. To do this, follow these steps from the Identity Service documentation:

  1. Install the Identity Service.

  2. Connect the Identity Service to Keycloak.

  3. Configure service.monitor as a trusted service in the Identity Service.

  4. Configure services to be requested with an access token as trusted-services in the Identity Service.

Step 2: Configure service.monitor.

To enable login delegation, set the following parameters in the configuration:

Sample configuration
security.mode=IDENTITY
security.login.base=https://www.example.com/identity
security.mode

The IDENTITY value specifies that authentication is to be delegated via the Identity Service.

security.login.base

Base URL of the Identity Service.

security.identity.logout.returnURL

URL to which the application should jump after a logout.