Question Hansel Stange Gaete · May 13, 2020 API Manager + Auth with Keycloak Hi someone have tested that ? i try, but is not simple, and have no updated documentation about that in kong information. #API #InterSystems API Manager (IAM) #InterSystems IRIS 00 1 0 2 152
Eduard Lebedyuk · May 14, 2020 Check out the OpenID connect plugin for IAM.This doc mentions that Keycloak works with this plugin. Hansel Stange Gaete · Jun 30, 2020 ok, this docs are goob, but not all after many tries: curl -s -X POST http://..:8001/routes/.../plugins \--data name=openid-connect \--data config.issuer=https://.../.../.well-known/openid-configuration \--data config.client_id=... \--data config.client_secret=... \--data config.ssl_verify=false \--data config.verify_signature=false \--data config.consumer_optional=false \--data config.ssl_verify=false \--data config.introspection_endpoint=https://.../.../protocol/openid-connect/token/introspect \--data config.introspect_jwt_tokens=false \--data config.introspection_hint=access_token \--data config.auth_methods=introspection \--data config.scopes_claim=scope \--data config.reverify=true \--data config.cache_tokens=false \--data config.cache_introspection=false \--data config.scopes_required=... | python -mjson.tool it's a good idea replace ... with the rights words ;-)
Hansel Stange Gaete · Jun 30, 2020 ok, this docs are goob, but not all after many tries: curl -s -X POST http://..:8001/routes/.../plugins \--data name=openid-connect \--data config.issuer=https://.../.../.well-known/openid-configuration \--data config.client_id=... \--data config.client_secret=... \--data config.ssl_verify=false \--data config.verify_signature=false \--data config.consumer_optional=false \--data config.ssl_verify=false \--data config.introspection_endpoint=https://.../.../protocol/openid-connect/token/introspect \--data config.introspect_jwt_tokens=false \--data config.introspection_hint=access_token \--data config.auth_methods=introspection \--data config.scopes_claim=scope \--data config.reverify=true \--data config.cache_tokens=false \--data config.cache_introspection=false \--data config.scopes_required=... | python -mjson.tool it's a good idea replace ... with the rights words ;-)
Check out the OpenID connect plugin for IAM.
This doc mentions that Keycloak works with this plugin.
ok, this docs are goob, but not all
after many tries:
curl -s -X POST http://..:8001/routes/.../plugins \
--data name=openid-connect \
--data config.issuer=https://.../.../.well-known/openid-configuration \
--data config.client_id=... \
--data config.client_secret=... \
--data config.ssl_verify=false \
--data config.verify_signature=false \
--data config.consumer_optional=false \
--data config.ssl_verify=false \
--data config.introspection_endpoint=https://.../.../protocol/openid-connect/token/introspect \
--data config.introspect_jwt_tokens=false \
--data config.introspection_hint=access_token \
--data config.auth_methods=introspection \
--data config.scopes_claim=scope \
--data config.reverify=true \
--data config.cache_tokens=false \
--data config.cache_introspection=false \
--data config.scopes_required=... | python -mjson.tool
it's a good idea replace ... with the rights words ;-)