Examples¶
Keycloak OIDC with backend authorization¶
🚧 Default setup for OIDC authorization.
insight.properties:
oidc.server=https://auth.keycloak.idp.tld/realms/insightoidc.client.client_id=insight-appoidc.client.client_secret=your_client_secret
config.json/config.js
"oidc": {
"backend": true
}
Keycloak OIDC with frontend authorization¶
insight.properties:
oidc.server=https://auth.keycloak.idp.tld/realms/insight
config.json/config.js
"oidc": {
"server": "https://auth.keycloak.idp.tld/realms/insight"
"clientId": "insight-app"
}
MAS8¶
insight.properties:
oidc.server=https://auth.mas8.maximo.tld/oidc/endpoint/MaximoAppSuiteoidc.server.pkce=falseoidc.client.client_id=insight-appoidc.client.client_secret=your_client_secretoidc.userinfo.username=sub
config.json/config.js
"oidc": {
"backend": true
}
OIDC client for MAS8
{
"client_id": "insight-app",
"client_secret": "your_client_secret",
"publicClient": false,
"proofKeyForCodeExchange": false,
"scope": "openid profile email general",
"grant_types": [
"authorization_code",
"client_credentials",
"implicit",
"refresh_token",
"urn:ietf:params:oauth:grant-type:jwt-bearer"
],
"response_types": ["code", "token", "id_token token"],
"application_type": "web",
"subject_type": "public",
"post_logout_redirect_uris": [
"https://insight.local.ibfs.de/insight/auth/logout"
],
"preauthorized_scope": "openid profile email general",
"introspect_tokens": true,
"trusted_uri_prefixes": [
"https://insight.local.ibfs.de"
],
"redirect_uris": [
"https://insight.local.ibfs.de/insight/auth/callback",
"https://insight.local.ibfs.de/insight/cockpit/api/auth/callback"
]
}