Integrate Keycloak OIDC with Kubernetes Dashboard for SSO

7/1/2020

Good day,

Could you help me fix a little issue with integrating Keycloak SSO with Kubernetes Dashboard?

I’m trying to do the following steps:

Keycloak configurations:

  • create a new Realm - Kubernetes
  • create client ID with internal sign in, generate Client ID - Kubernetes
  • create mapper group in Client
  • created user and group

Keycloak-gatekeeper (Proxy):

  • --discovery-url={{ .Values.keycloakProxy.serverHost }}
  • --redirection-url=https://{{ .Values.ingress.host.name }}
  • --upstream-url=https://{{ .Release.Name }}.{{ .Values.namespace }}.svc.cluster.local
  • --client-secret={{ .Values.keycloakProxy.clientSecret }}
  • --client-id=kubernetes
  • --listen=0.0.0.0:3000
  • --enable-refresh-tokens=false
  • --skip-upstream-tls-verify
  • --skip-openid-provider-tls-verify
  • --enable-logging=true
  • --enable-json-logging=true
  • --resources=uri=/*
  • --secure-cookie=false
  • --verbose

Kubernetes RBAC:

  • created the RBAC role name with the same name as in Keycloak

After that I’m trying to authenticate to k8s dashboard using and get the following problem:
After successful authorization, Kubernetes Dashboard sends me a 401 as an Unauthorised User.

-- Yurii
keycloak
kubernetes

0 Answers