@ -8,31 +8,31 @@ Configure and install keycloak server by following [Keycloak Installation Guide]
### Configure Keycloak UI
### Configure Keycloak UI
- Go to Clients
- Go to Clients
-> Click on account
- Click on account
-> Settings
- Settings
-> Enable `Implicit Flow`
- Enable `Implicit Flow`
-> Save
- Save
- Go to Users
- Go to Users
-> Click on the user
- Click on the user
-> Attribute, add a new attribute `Key` is `policy`, `Value` is name of the `policy` on MinIO (ex: `readwrite`)
- Attribute, add a new attribute `Key` is `policy`, `Value` is name of the `policy` on MinIO (ex: `readwrite`)
-> Add and Save
- Add and Save
- Go to Clients
- Go to Clients
-> Click on `account`
- Click on `account`
-> Settings, set `Valid Redirect URIs` to `*`, expand `Advanced Settings` and set `Access Token Lifespan` to `1 Hours`
- Settings, set `Valid Redirect URIs` to `*`, expand `Advanced Settings` and set `Access Token Lifespan` to `1 Hours`
-> Save
- Save
- Go to Clients
- Go to Clients
-> Client on `account`
- Client on `account`
-> Mappers
- Mappers
-> Create
- Create
- `Name` with any text
- `Name` with any text
- `Mapper Type` is `User Attribute`
- `Mapper Type` is `User Attribute`
- `User Attribute` is `policy`
- `User Attribute` is `policy`
- `Token Claim Name` is `policy`
- `Token Claim Name` is `policy`
- `Claim JSON Type` is `string`
- `Claim JSON Type` is `string`
-> Save
- Save
- Open http://localhost:8080/auth/realms/demo/.well-known/openid-configuration to verify OpenID discovery document, verify it has `authorization_endpoint` and `jwks_uri`
- Open http://localhost:8080/auth/realms/demo/.well-known/openid-configuration to verify OpenID discovery document, verify it has `authorization_endpoint` and `jwks_uri`
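Review bot: the step `Settings, set Valid Redirect URIs to *` keeps the wildcard redirect URI while this change only fixes the list markers, and the earlier step enables `Implicit Flow` on the same `account` client. With implicit flow the access token is returned in the redirect itself, so a wildcard lets Keycloak deliver it to any URL supplied in the authorization request. Suggest replacing `*` with the exact redirect URL of the MinIO deployment being configured, or stating in that step that the wildcard is for local testing only. Two smaller points on lines this change already rewrites: `Client on account` under the Mappers step should read `Click on account`, and `1 Hours` should be `1 Hour`.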