Keycloak Authentication #3447
Replies: 3 comments 1 reply
-
|
So I just did the same thing today and I believe the keycloak logs showed the error was because the "openid' scope wasn't provided. |
Beta Was this translation helpful? Give feedback.
-
|
I currently have the same problem, is there already a solution? |
Beta Was this translation helpful? Give feedback.
-
|
I made a comment on #2512 that might be relevant/related to this problem or at least help troubleshoot: #2512 (comment) |
Beta Was this translation helpful? Give feedback.
-
You fixed it for me today, 5 years later. Thank you sir! Hats off to you. |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Question
Describe in details what you are trying to achieve and where do you need guidance.
Hello,
I have got Wiki.js up and running and am looking to integrate it with Keycloak. I have added Keycloak URLs under Wiki's Authentication section, and have added the Wiki client to my Keycloak instance. I am able to navigate to the Wiki login page, successfully log into Keycloak, and redirect back to Wiki.js. However, I land at a screen that says, "Failed to obtain access token".
I have searched through other issues on here, looked through the documentation, and have googled for possible causes of this message, but have had no luck. I suspect I am missing something, or have configured something incorrectly, but cannot seem to identify what.
My question is: what causes the error screen "Failed to obtain access token"? If there isn't a single cause, what is wrong with my configuration such that it would cause this error?
Note: SSL is disabled for my Wiki instance as it is behind a reverse proxy. Additonally, offline is set to true in my config.yml.
My Wiki configuration:
-----Host: https://my-host
-----Realm: MYREALM
-----Client ID: my-wiki
-----Client Secret: 1234........fc
-----Authorization Endpoint URL: https://my-host/auth/realms/MYREALM/protocol/openid-connect/auth
-----Token Endpoint URL: https://my-host/auth/realms/MYREALM/protocol/openid-connect/token
-----User Info Endpoint URL: https://my-host/auth/realms/MYREALM/protocol/openid-connect/userinfo
Logout from Keycloak on Logout is enabled
-----Logout Endpoint URL: https://my-host/auth/realms/MYREALM/protocol/openid-connect/logout
Allow self-registration is enabled
----Assign to group: Guests
-----Allowed Web Origins: https://mywiki
-----CallbackURL: https://mywiki/login/34h......60/callback
(Site URL is https://mywiki)
My Keycloak Client configuration:
-----ClientID: my-wiki
-----Client Protocol: openid-connect
-----Access Type: confidential
-----Root URL: https://mywiki
-----Valid Redirect URL: /, https://mywiki/login/34h........60/callback
-----Web Origins: https://mywiki
I've been debugging this for a week and am rather stumped by what I'm doing wrong. Any help is very much appreciated.
Host Info (please complete the following information):
OS: Linux, CentOS 7
Wiki.js version: 2.5.144
Database engine: Postgres 12.3
Beta Was this translation helpful? Give feedback.
All reactions