I’m trying to figure out how to get Keycloak to provide the authentication for WriteFreely. Unfortunately, much of the Keycloak documentation I come across for examples is for the older UI, which it appears Keycloak massively changed in recent revisions, complicating getting some of the basics sorted out.
The other part of the problem is that there doesn’t seem to be a single example Keycloak OAuth config for WriteFreely.
So, I’ve created a realm in Keycloak, added in the client/application, and I think things are close as I’ve worked through several errors/issues so far, such as putting in an appropriate scope.
When I’m trying to log in with a user that seems to be registered in Keycloak, the callback seems to be where things are failing - WriteFreely says “error: unable to inspect access token”.
Does anyone have any experience with Keycloak + WriteFreely yet to provide specifics? I may have things bungled on the Keycloak side, though I suspect my WriteFreely configs just aren’t correct yet:
```
[oauth.generic]
client_id = theclientID
client_secret = redacted
host = https://auth.mycrowd.ca
display_name = MyCrowd Auth
callback_proxy =
callback_proxy_api =
token_endpoint = /realms/MyCrowd/protocol/openid-connect/token
inspect_endpoint = /realms/MyCrowd/protocol/openid-connect/userinfo
auth_endpoint = /realms/MyCrowd/protocol/openid-connect/auth
scope = profile email
allow_disconnect =
map_user_id =
map_username =
map_display_name =
map_email =
```