Versions Compared

Old Version 1

changes.mady.by.user Nichole Anderson

Saved on

compared with

New Version Current

changes.mady.by.user Daniel Boteanu

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Rampiva Scheduler 5.5 or later

  • OpenJDK 11 or later installed

...

Instructions

A. Perform a Basic

...

Keycloak Installation

1

Download and extract https://github.com/keycloak/keycloak/releases/download/17.0.0/keycloak-17.0.0.zip

2

In a command prompt, open the directory keycloak-17.0.0, then to start Keycloak.

Note

In this mode, Keycloak does not start automatically when the server is rebooted. To make Keycloak start automatically, use a service manager such as NSSM.

On Linux run:

Code Block
bin/kc.sh start-dev

On Windows run:

Code Block
"bin/kc.bat" start-dev

3

Create an administrative user by navigating to http://localhost:8080/, filling in the Administration Console form and clicking Create.

Info

The administrative user is used to manage the Keycloak configuration.

Image Modified

B. Create Users in

...

Keycloak

1

Login to the admin console at http://localhost:8080/admin.

Image Modified
2

Hover the mouse over the dropdown in the top-left corner label Master, then click Add realm.

Image Modified
3

Fill in the name of the realm and click Create.

Info

In this article we use the realm name rampiva.

Image Modified
4

Click Users on the left-hand menu.

Image Modified
5

Click Add user from the top-right corner of the table.

6

Fill in the the Username, First Name and Last Name and click Save.

Info

In this example we will create a user with the following details:

Username: john
Email: john.doe@rampiva.com
First Name: John
Last Name: Doe

Note

It is important to provide an email for the user because the email address is used as the unique identifier by the Authentication Service.

Image Modified
7

Select the Credentials tab at the top of the page.

Image Modified
8

Fill in the Set Password section, and then click Set Password.

C. Configure the Authentication Service in

...

KeyCloak

1

Login to the admin console at http://localhost:8080/admin.

Image Modified
2

Click Clients.

3

Click Create in the top-right corner.

4

Provide a Client ID.

Info

The Client ID is the name of the authentication service, and will be shared between Keycloak and Rampiva.

In this example, we use the Client ID

cloack

Cloak-lab.

Image Modified
5

For the Client Protocol select openid-connect from the dropdown.

6

Leave the Root URL empty.

7

Click Save.

8

Set the Access Type as confidential.

Info

This setting will force the Client ID and the Client Secret to be required when logging in.

Image Modified
9

Set the Valid Redirect URIs to https://automate.example.com/api/v1/users/oidcResponse.

Note

Update https://automate.example.com with the URL on which Rampiva Automate is accessible.

10

Scroll down to the bottom of the page and click Save.

11

Navigate to the Credentials tab at the top of the page.

Image Modified
12

Take note of the Secret value.

13

Click Realm Settingsfrom the left-hand menu.

Image Modified
14

In the Endpoints field, right click OpenID Endpoint Configuration, and copy the link. We will refer to this link as the Well-Known Configuration URI later in this article.

D. Configure the Authentication Service in Rampiva Automate

1

Open Rampiva Automate and navigate to the Settings page.

Image Modified
2

From the Settings page, select Authentication Services panel.

3

Click the Add + OIDC Authentication Service button to create a new Authentication Service.

4

Enter the name for the Authentication Service, for example

Key Cloak

Keycloak.

Image Modified
5

For the Platform select Generic.

6

In the Well-Known Configuration URI field, type the value noted in the previous section at step 14 for this setting.

7

In the Scope field, type openid email profile

8

In the Username Claim field, type email

9

In the Client ID field, type the value noted in the previous section at step 4 for this setting.

10

In the Client Secret field, type the Secret value noted in the previous section at step 12 for this setting.

11

Click Add Service.

12

Log out of Rampiva Automate.

Tip

If the Keycloak configuration was successful, there should be an option named Sign In with

Key Cloak

Keycloak.

Image Modified
13

Test the authentication by clicking Sign In with

Key Cloak

Keycloak.

14

Enter the credentials of a user account and click Sign In.

Tip

If the integration with Keycloak was successful, you should now be signed into Rampiva Automate.

Image Modified

Page Properties
hiddentrue

Related issues