Add client roles mapping section

eliaoggian
2023-09-07 16:27:23 +02:00
committed by Billy Tat
parent 945315f245
commit da58903325


@@ -35,6 +35,7 @@ If you have an existing configuration using the SAML protocol and want to switch
`Name` | `Groups Mapper`
`Mapper Type` | `Group Membership`
`Token Claim Name` | `groups`
`Full group path` | `OFF`
`Add to ID token` | `OFF`
`Add to access token` | `OFF`
`Add to user info` | `ON`
@@ -46,6 +47,7 @@ If you have an existing configuration using the SAML protocol and want to switch
`Name` | `Client Audience`
`Mapper Type` | `Audience`
`Included Client Audience` | <CLIENT_NAME>
`Add to ID token` | `OFF`
`Add to access token` | `ON`
- Create a new "Groups Path" with the settings below.
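Review bot: The `Included Client Audience` row leaves <CLIENT_NAME> bare while every other value in these tables is wrapped in backticks. A Markdown or MDX renderer can treat a bare angle-bracket token as an HTML tag, so the placeholder may disappear from the rendered page or break the build. Wrap it in backticks like the other cells, and say in the surrounding text which client name the reader should substitute.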
@@ -56,8 +58,18 @@ If you have an existing configuration using the SAML protocol and want to switch
`Mapper Type` | `Group Membership`
`Token Claim Name` | `full_group_path`
`Full group path` | `ON`
`Add to ID token` | `ON`
`Add to access token` | `ON`
`Add to user info` | `ON`
- Add the following Role Mappings to all users or groups that need to query the Keycloak users
```
Role Mappings > Client Roles > realm-management
+ query-users
+ query-groups
+ view-users
```
## Configuring Keycloak in Rancher
1. In the Rancher UI, click **☰ > Users & Authentication**.
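Review bot: The new list item tells readers to add the realm-management client roles to "all users or groups that need to query the Keycloak users" but never says which accounts those are or what each role is needed for. `query-users`, `query-groups` and `view-users` give their holder read access to the realm's users and groups, so the text should name the Rancher operation that requires them and tell readers to assign the roles only to the accounts that perform it. As a smaller point, the `+` prefixes inside the fenced block read like diff markers; a plain list of the three role names under `Role Mappings > Client Roles > realm-management` would be clearer, and the sentence introducing the block should end with a colon.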