Skip to main content

Keycloak SSO

Set up Keycloak as your identity provider for Webrix.

What you’ll enter in Webrix

  • Client ID
  • Client Secret
  • Issuer (e.g., https://keycloak.example.com/realms/your-realm)
  • Callback URL (read‑only): {gatewayUrl}/api/auth/callback/keycloak

Steps in Keycloak

  1. In your realm, create a client (OpenID Connect, confidential).
  2. Set Valid redirect URIs to {gatewayUrl}/api/auth/callback/keycloak.
  3. Copy the Issuer (realm URL), Client ID, and Client Secret.

Finish in Webrix

  1. In Admin → Settings → Authentication, choose Provider: Keycloak.
  2. Paste Issuer, Client ID, and Client Secret.
  3. Click Save.

Docs: https://www.keycloak.org/docs/latest/securing_apps/index.html#_oidc