Menu
▾
▴
Re: [Unity-idm-discuss] Unity Keycloak RP
|
From: Bernd S. <b.s...@fz...> - 2021-12-06 09:44:41
|
hi Anthony, we have the UNICORE authentication by Keycloak OAuth tokens up and running (the EBRAINS IdP is Keycloak). To complememt what Krzysztof has written, you'll need an input translation profile that maps the info from the token to an x500 identity I've attached two screenshots, the one is the authenticator config, the other the input profile. Of course the authenticator needs to be active on the UNICORE SAML SOAP endpoint Hope this helps! Best regards, Bernd On 03.12.21 22:27, Anthony M wrote: > Hello, > > Currently, I have incorporated Unity as an OAuth client using Keycloak. This allows users to login to the /home endpoint, resulting in user creation (including X500 name). However, I want to authenticate these newly created users through UNICORE by passing OAuth tokens (from Keycloak). I set up a Oauth RP in Unity by including the Keycloak “openid-connect/token/introspect” endpoint for token verification, and respective Keycloak profile endpoint (/userinfo). In addition, I connected the RP to a SAML SOAP endpoint (unicore-soapidp-oidc/saml2unicoreidp-soap/AuthenticationService). However, user authentication is failing. > > What would be the necessary steps to get this workflow working? Currently I have no remote data mapping set up with the OAuth RP, which may be causing issues when trying to map the verified tokens to the SOAP endpoint. > > > Thank you for your help. > > > > Regards, > > Anthony Mammoliti > -- Dr. Bernd Schuller Federated Systems and Data, Juelich Supercomputing Centre https://www.fz-juelich.de/ias/jsc/EN/Home/home_node.html Phone: +49 246161-8736 (fax -8556) ------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------ Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Volker Rieke Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr. Astrid Lambrecht, Prof. Dr. Frauke Melchior ------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------ |
