Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to integrate Keycloak SSO and SLO with AKHQ using OIDC? #1968

Open
hooriehghahremani opened this issue Oct 6, 2024 · 0 comments
Open

How to integrate Keycloak SSO and SLO with AKHQ using OIDC? #1968

hooriehghahremani opened this issue Oct 6, 2024 · 0 comments

Comments

@hooriehghahremani
Copy link

I am trying to integrate Keycloak with AKHQ, using the OIDC (OpenID Connect) protocol for Single Sign-On (SSO) and Single Logout (SLO). I have successfully implemented SSO with the identity provider, but I am facing an issue with SLO.

My expectation is that when I log out from Keycloak, I should be logged out from all clients, and vice versa,but this is not happened and i can not understand why.

Here are the configuration setting for these services:

Akhq config:

        micronaut:
          security:
            enabled: true
            endpoints:
             logout:
              enabled: true
              path: http://keycloak/realms/myrealm/protocol/openid-connect/logout
              get-allowed: true
            redirect:
             logout: http://keycloak/realms/myrealm/protocol/openid-connect/logout
             login-success: "/ui"
            oauth2:
              enabled: true
              logout-uri: http://keycloak/realms/myrealm/protocol/openid-connect/logout
              redirect-uri: http://keycloak/realms/myrealm/protocol/openid-connect/logout
              callback-uri: "http://akhq/oauth/callback/keycloak"
              clients:
                keycloak:
                  client-id: "akhq"
                  client-secret: "*****"
                  openid:
                    issuer: "http://keycloak/realms/myrealm"
                    end-session:
                      enabled: true
                      url: http://keycloak/realms/myrealm/protocol/openid-connect/logout

Keycloak setting:

Client ID: http://akhq
Enabled: ON
Client Protocol: openid-connect
Standard Flow Enabled: ON
Implicit Flow Enabled: OFF
Direct Access Grants Enabled: ON 
OAuth 2.0 Device Authorization Grant Enabled: ON
Root URL: http://akhq
Valid Redirect URIs: http://akhq/*
Web Origins: http://akhq
Admin URL: http://akhq
Root URL: http://akhq
Valid post logout redirect URIs: http://akhq/logout
Front channel logout Enabled: ON
Front-channel logout URL : http://akhq/logoutt
Backchannel logout URL: http://akhq/logout
Backchannel logout session required Enabled: ON
Backchannel logout revoke offline sessions Enabled: ON / OFF

Has anyone experienced a similar issue or know how to resolve it?
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
Backlog
Status: Backlog
Milestone
No milestone
Development

No branches or pull requests
1 participant
@hooriehghahremani