🎓Keycloak

How to configure Keycloak IdentityProvider with Aidbox

Create a realm

  • Click on the dropdown in the top-left corner where it says Master, then click on Create Realm.

  • Fill in the name of your realm.

Create a client

  • Click on the client button in the left menu.

  • Then click on the Create client button.

  • Enter the client data.

  • Enable the Client authentication checkbox.

  • Add <aidbox-url>/auth/callback/keycloak to the Valid redirect URIs field.

Create IdentityProvider in Aidbox

  • Open the REST console in Aidbox UI and create an IdentityProvider resource:

POST /IdentityProvider

scopes:
  - profile
  - openid
system: keycloak
userinfo_endpoint: <keycloak-url>/realms/<your-realm>/protocol/openid-connect/userinfo
authorize_endpoint: <keycloak-url>/realms/<your-realm>/protocol/openid-connect/auth
token_endpoint: <keycloak-url>/realms/<your-realm>/protocol/openid-connect/token
client:
  id: <your client id>
  secret: <your client secret>
resourceType: IdentityProvider
title: Keycloak
active: true
id: keycloak

You can find the client secret on the Clients details page, under the Credentials tab.
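A pre-flight check for the resource above, added here as an example (it is not Aidbox or Keycloak code): it verifies that the three endpoints use https and belong to one realm, that the openid scope is requested and the secret is filled in, and returns the redirect URI to register in Keycloak. The function name, the sample hosts and the assumption that the callback path ends with the resource id are illustrative.

```python
from urllib.parse import urlparse

# Endpoint path suffixes exactly as they appear in the IdentityProvider resource above.
OIDC_SUFFIXES = {
    "authorize_endpoint": "/protocol/openid-connect/auth",
    "token_endpoint": "/protocol/openid-connect/token",
    "userinfo_endpoint": "/protocol/openid-connect/userinfo",
}

def check_identity_provider(idp, aidbox_url, allow_http=False):
    """Return (problems, redirect_uri) for an IdentityProvider resource given as a dict."""
    problems, realm_bases = [], set()
    for field, suffix in OIDC_SUFFIXES.items():
        url = idp.get(field, "")
        parsed = urlparse(url)
        if "<" in url or not parsed.netloc:
            problems.append(f"{field}: missing or still a placeholder")
            continue
        if parsed.scheme != "https" and not allow_http:
            problems.append(f"{field}: must use https")
        if not url.endswith(suffix) or "/realms/" not in parsed.path:
            problems.append(f"{field}: expected .../realms/<realm>{suffix}")
            continue
        realm_bases.add(url[: -len(suffix)])  # scheme + host + /realms/<realm>
    if len(realm_bases) > 1:
        problems.append("endpoints differ in scheme, host or realm: " + ", ".join(sorted(realm_bases)))
    if "openid" not in idp.get("scopes", []):
        problems.append("scopes: 'openid' is missing")
    secret = idp.get("client", {}).get("secret", "")
    if not secret or "<" in secret:
        problems.append("client.secret: empty or placeholder")
    # Assumption: the callback path ends with the resource id, as in /auth/callback/keycloak.
    redirect_uri = f"{aidbox_url.rstrip('/')}/auth/callback/{idp.get('id', '')}"
    return problems, redirect_uri

# Constructed sample with deliberate mistakes; hosts, realms and client id are made up.
SAMPLE = {
    "resourceType": "IdentityProvider", "id": "keycloak", "system": "keycloak",
    "scopes": ["profile"],
    "authorize_endpoint": "https://kc.example.test/realms/clinic/protocol/openid-connect/auth",
    "token_endpoint": "http://kc.example.test/realms/clinic/protocol/openid-connect/token",
    "userinfo_endpoint": "https://kc.example.test/realms/staging/protocol/openid-connect/userinfo",
    "client": {"id": "aidbox", "secret": "<your client secret>"},
}

if __name__ == "__main__":
    found, redirect = check_identity_provider(SAMPLE, "https://aidbox.example.test/")
    print("Valid redirect URI to register in Keycloak:", redirect)
    print("\n".join("- " + p for p in found))
```

Pass allow_http=True only for a local test setup where Keycloak is served without TLS.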

Log in to Aidbox

Go to your Aidbox base URL. You will be redirected to the login page, where you should see a "Log in with Keycloak" button. Press this button and log in to Aidbox with a Keycloak user. This user will be logged into Aidbox Console, but without any permissions. Read more about permissions in the Access Control section.
