topic Unable to use Identity Service (Keycloak) for authentication in Alfresco Forum https://connect.hyland.com/t5/alfresco-forum/unable-to-use-identity-service-keycloak-for-authentication/m-p/42757#M17771 <P>Using Alfresco Process Services docker image (<A href="https://hub.docker.com/r/alfresco/process-services" target="_blank" rel="nofollow noopener noreferrer">https://hub.docker.com/r/alfresco/process-services</A>) version 24.2.1 we are unable to configure the app to use Identity Service or Keycloak despite following the docs (<A href="https://docs.alfresco.com/process-services/latest/config/authenticate/#identity-service" target="_blank" rel="nofollow noopener noreferrer">https://docs.alfresco.com/process-services/latest/config/authenticate/#identity-service</A>). We've set all the required properties, copied it to docker container and started the app - standard, db based authentication page appears - no redirect to Identity Service/Keycloak. Our config file looks like shown below, and was copied to docker container (location: /usr/local/tomcat/webapps/activiti-app/WEB-INF/classes/META-INF/activiti-app/activiti-identity-service.properties). Is there sth we are missing? Please help us to settle this up.</P><PRE># -------------------------- # IDENTITY SERVICE # -------------------------- activiti.identity-service.enabled=true activiti.identity-service.realm=master activiti.identity-service.auth-server-url=http://localhost:8080 activiti.identity-service.resource=bpm activiti.identity-service.principal-attribute=email activiti.identity-service.retry.maxAttempts=20 activiti.identity-service.retry.delay=10000 # set secret key if access type is not public for this client in keycloak activiti.identity-service.credentials.secret=[SECRET] # If true will use keycloak logout URL from browser as specified in # https://www.keycloak.org/docs/6.0/securing_apps/index.html#logout # i.e. http://auth-server/auth/realms/{realm-name}/protocol/openid-connect/logout?redirect_uri=encodedRedirectUri activiti.use-browser-based-logout=false activiti.identity-service.cookie-auth-enabled=false # Content services Identity service configuration alfresco.content.sso.enabled=${activiti.identity-service.enabled} alfresco.content.sso.client_id=${activiti.identity-service.resource} alfresco.content.sso.client_secret=${activiti.identity-service.credentials.secret} alfresco.content.sso.realm=${activiti.identity-service.realm} alfresco.content.sso.scope=offline_access alfresco.content.sso.auth_uri=${activiti.identity-service.auth-server-url}/realms/${alfresco.content.sso.realm}/protocol/openid-connect/auth alfresco.content.sso.token_uri=${activiti.identity-service.auth-server-url}/realms/${alfresco.content.sso.realm}/protocol/openid-connect/token alfresco.content.sso.redirect_uri=http://localhost:9999/activiti-app/app/rest/integration/sso/confirm-auth-request</PRE> Tue, 06 Aug 2024 06:01:31 GMT darkul 2024-08-06T06:01:31Z Unable to use Identity Service (Keycloak) for authentication https://connect.hyland.com/t5/alfresco-forum/unable-to-use-identity-service-keycloak-for-authentication/m-p/42757#M17771 <P>Using Alfresco Process Services docker image (<A href="https://hub.docker.com/r/alfresco/process-services" target="_blank" rel="nofollow noopener noreferrer">https://hub.docker.com/r/alfresco/process-services</A>) version 24.2.1 we are unable to configure the app to use Identity Service or Keycloak despite following the docs (<A href="https://docs.alfresco.com/process-services/latest/config/authenticate/#identity-service" target="_blank" rel="nofollow noopener noreferrer">https://docs.alfresco.com/process-services/latest/config/authenticate/#identity-service</A>). We've set all the required properties, copied it to docker container and started the app - standard, db based authentication page appears - no redirect to Identity Service/Keycloak. Our config file looks like shown below, and was copied to docker container (location: /usr/local/tomcat/webapps/activiti-app/WEB-INF/classes/META-INF/activiti-app/activiti-identity-service.properties). Is there sth we are missing? Please help us to settle this up.</P><PRE># -------------------------- # IDENTITY SERVICE # -------------------------- activiti.identity-service.enabled=true activiti.identity-service.realm=master activiti.identity-service.auth-server-url=http://localhost:8080 activiti.identity-service.resource=bpm activiti.identity-service.principal-attribute=email activiti.identity-service.retry.maxAttempts=20 activiti.identity-service.retry.delay=10000 # set secret key if access type is not public for this client in keycloak activiti.identity-service.credentials.secret=[SECRET] # If true will use keycloak logout URL from browser as specified in # https://www.keycloak.org/docs/6.0/securing_apps/index.html#logout # i.e. http://auth-server/auth/realms/{realm-name}/protocol/openid-connect/logout?redirect_uri=encodedRedirectUri activiti.use-browser-based-logout=false activiti.identity-service.cookie-auth-enabled=false # Content services Identity service configuration alfresco.content.sso.enabled=${activiti.identity-service.enabled} alfresco.content.sso.client_id=${activiti.identity-service.resource} alfresco.content.sso.client_secret=${activiti.identity-service.credentials.secret} alfresco.content.sso.realm=${activiti.identity-service.realm} alfresco.content.sso.scope=offline_access alfresco.content.sso.auth_uri=${activiti.identity-service.auth-server-url}/realms/${alfresco.content.sso.realm}/protocol/openid-connect/auth alfresco.content.sso.token_uri=${activiti.identity-service.auth-server-url}/realms/${alfresco.content.sso.realm}/protocol/openid-connect/token alfresco.content.sso.redirect_uri=http://localhost:9999/activiti-app/app/rest/integration/sso/confirm-auth-request</PRE> Tue, 06 Aug 2024 06:01:31 GMT https://connect.hyland.com/t5/alfresco-forum/unable-to-use-identity-service-keycloak-for-authentication/m-p/42757#M17771 darkul 2024-08-06T06:01:31Z