mirror of
https://github.com/funkypenguin/geek-cookbook/
synced 2026-07-12 07:03:07 +00:00
Fix more broken links, add lazy-loading to images
This commit is contained in:
@@ -24,11 +24,11 @@ You start in the "Master" realm - but mouseover the realm name, to a dropdown bo
|
||||
|
||||
### Create Realm
|
||||
|
||||

|
||||
{ loading=lazy }
|
||||
|
||||
Enter a name for your new realm, and click "_Create_":
|
||||
|
||||

|
||||
{ loading=lazy }
|
||||
|
||||
### Setup User Federation
|
||||
|
||||
@@ -44,7 +44,7 @@ Once in the desired realm, click on **User Federation**, and click **Add Provide
|
||||
|
||||
Save your changes, and then navigate back to "User Federation" > Your LDAP name > Mappers:
|
||||
|
||||

|
||||
{ loading=lazy }
|
||||
|
||||
For each of the following mappers, click the name, and set the "_Read Only_" flag to "_Off_" (_this enables 2-way sync between KeyCloak and OpenLDAP_)
|
||||
|
||||
@@ -53,7 +53,7 @@ For each of the following mappers, click the name, and set the "_Read Only_" fla
|
||||
* email
|
||||
* first name
|
||||
|
||||

|
||||
{ loading=lazy }
|
||||
|
||||
## Summary
|
||||
|
||||
|
||||
@@ -16,17 +16,17 @@ Existing:
|
||||
|
||||
Within the "Master" realm (_no need for more realms yet_), navigate to **Manage** -> **Users**, and then click **Add User** at the top right:
|
||||
|
||||

|
||||
{ loading=lazy }
|
||||
|
||||
Populate your new user's username (it's the only mandatory field)
|
||||
|
||||

|
||||
{ loading=lazy }
|
||||
|
||||
### Set User Credentials
|
||||
|
||||
Once your user is created, to set their password, click on the "**Credentials**" tab, and procede to reset it. Set the password to non-temporary, unless you like extra work!
|
||||
|
||||

|
||||
{ loading=lazy }
|
||||
|
||||
## Summary
|
||||
|
||||
|
||||
@@ -8,7 +8,7 @@ description: Kick-ass OIDC and identity management
|
||||
|
||||
KeyCloak's OpenID provider can also be used in combination with [Traefik Forward Auth](/docker-swarm/traefik-forward-auth/), to protect [vulnerable services](/recipes/autopirate/nzbget/) with an extra layer of authentication.
|
||||
|
||||

|
||||
{ loading=lazy }
|
||||
|
||||
--8<-- "recipe-standard-ingredients.md"
|
||||
|
||||
|
||||
@@ -22,11 +22,11 @@ Having an authentication provider is not much use until you start authenticating
|
||||
|
||||
Within the "Master" realm (*no need for more realms yet*), navigate to **Clients**, and then click **Create** at the top right:
|
||||
|
||||

|
||||
{ loading=lazy }
|
||||
|
||||
Enter a name for your client (*remember, we're authenticating **applications** now, not users, so use an application-specific name*):
|
||||
|
||||

|
||||
{ loading=lazy }
|
||||
|
||||
### Configure Client
|
||||
|
||||
@@ -35,13 +35,13 @@ Once your client is created, set at **least** the following, and click **Save**
|
||||
* **Access Type** : Confidential
|
||||
* **Valid Redirect URIs** : <The URIs you want to protect\>
|
||||
|
||||

|
||||
{ loading=lazy }
|
||||
|
||||
### Retrieve Client Secret
|
||||
|
||||
Now that you've changed the access type, and clicked **Save**, an additional **Credentials** tab appears at the top of the window. Click on the tab, and capture the KeyCloak-generated secret. This secret, plus your client name, is required to authenticate against KeyCloak via OIDC.
|
||||
|
||||

|
||||
{ loading=lazy }
|
||||
|
||||
## Summary
|
||||
|
||||
|
||||
Reference in New Issue
Block a user