Twake
⬅️ Go on twake
  • ☀️ Twake
  • Getting started
    • ▶️Use Twake on twake.app
    • 🏗️Install on your server
      • 🎡Scale with Twake
    • ⚙️Configuration
      • 🔒Security
      • 🔗Custom domain + HTTPS
        • Apache2 configuration
      • 💌Configure mail server
      • 🎨Customisation
      • 🔌Connectors and plugins
      • 👨‍💻 Authentication modes
        • Using Keycloak (LDAP, OpenID and more)
        • Installing Twake with LemonLDAP (LDAP, OpenID and more)
  • How to use it
    • 👋Welcome to Twake !
    • 🧰Console
      • Users
    • 🏢Company & workspace
      • Invite user from Chat
      • Rights
    • 💠Applications
      • 💬Chat
        • Channels
        • Message
      • 📂Drive
        • File and folder
        • Share file with public link
      • 📆Calendar
      • ✅Tasks
      • 🔃Connectors
        • n8n
    • 🖥️Desktop and mobile app
    • 🔒Privacy
  • Developers API
    • 🏠Home
    • 🥇Getting started
      • Create your first application
      • Authenticate with Postman
      • Send a message with your application
      • Trigger action from command
    • ⚙️Application settings
      • Api
      • Display
      • Privileges
      • Identity
    • 📖API Reference
      • Webhook
      • Drive
      • Message
        • DELETE Request
        • POST Request
      • Authentication
    • 🧱Blocks
  • Internal Documentation
    • 🥇Get started
    • 🎨Twake Ecosystem Guidelines
    • 📚Our stack
    • 🧱Backend and APIs
      • 🔑(WIP) Authentication
      • 👥Users and workspaces
      • 🍎Applications
        • Database models
        • REST APIs
      • 🎩Channels and tabs
        • Database models
      • 💬Messages
        • Database models
      • 📄Files
        • Database models
        • REST APIs
        • Resumable.js
      • 📲Notifications
        • Database models
      • 🛠️Twake service development
        • What is a service in Twake ?
        • Create a new service
        • Platform/Technical services
          • Database ORM platform service
    • 🖥️Web, desktop and mobile
      • Table
      • ObjectModal
        • ObjectModalTitle
        • ObjectModalSeparator
        • ObjectModalSectionTitle
        • ObjectModalFormTitle
      • UserListManager
      • MediumPopupManager
      • MenuManager
    • 🎭Translation
Powered by GitBook
On this page

Was this helpful?

  1. Getting started
  2. Configuration
  3. 👨‍💻 Authentication modes

Using Keycloak (LDAP, OpenID and more)

Use Keycloak with Twake

Previous👨‍💻 Authentication modesNextInstalling Twake with LemonLDAP (LDAP, OpenID and more)

Last updated 4 years ago

Was this helpful?

Run keycloak and persist data

cd twake
docker run -p 8080:8080 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin -v $(pwd)/docker-data/keycloak-db:/opt/jboss/keycloak/standalone/data jboss/keycloak

Configure keycloak with twake for the first time

On Keycloak

Go to http://localhost:8080/auth/

Login with admin:admin

Go to client > account > Credentials tab and save the Secret

Go to Settings tab and add a Valid Redirect uri to http://localhost:8000/* and save

Then create an user in User / Add User

⚠️ Users must have an email and the email must be marked as verified !

Then create a password for this user.

On Twake

Go to your [docker-compose file location]/configuration/backend/Parameters.php (see )

Change defaults.auth.openid to:

  "use" => true,
  "provider_uri" => 'http://[machine_ip]:8080/auth/realms/master',
  "client_id" => 'account',
  "client_secret" => '[keycloak_secret]',
  "logout_suffix" => "/protocol/openid-connect/logout" //Specific to keycloak

ℹ️ [machine_ip] Because Twake is accessing keycloak for inside a docker container, do not use localhost or 127.0.0.1 to access keycloak.

⚙️
Configuration