@@ -12,8 +12,6 @@ Administration Guide's
1212[ Identity Brokering] ( https://www.keycloak.org/docs/latest/server_admin/#_identity_broker )
1313section.
1414
15- ![ Identity broker process] ( ../../assets/guides/deployments/SAML-process.png )
16-
1715## Step 1: Create a new Realm in Keycloak
1816
1917The first part of configuring the identity broker is to add a new Realm. This
@@ -69,51 +67,51 @@ Realm will be where we will add the
6967 ([ this Keycloak document] ( https://www.keycloak.org/docs/latest/server_admin/#saml-v2-0-identity-providers )
7068 provides additional information about adding a SAML 2.0 Identity Provider).
7169
72- ![ Keycloak identity providers] ( ../../assets/guides/deployments/keycloak-identity-providers .png )
70+ ![ Keycloak identity providers] ( ../../assets/guides/deployments/SAML-config-3 .png )
7371
74721 . On the IdP configuration page, specify an ** Alias** to use for your IdP
7573 provider.
7674
77751 . Scroll to the bottom of the configuration page and upload the IdP metadata
7876 you exported from JumpCloud.
7977
80- ![ Keycloak metadata import] ( ../../assets/guides/deployments/keycloak-metadata-import .png )
78+ ![ Keycloak metadata import] ( ../../assets/guides/deployments/SAML-config-4 .png )
8179
8280### Optional: Specify JumpCloud as the default IdP
8381
84821 . Navigate to ** Authentication** .
8583
86841 . Select the ** Browser** flow from the dropdown in the top-left.
8785
88- ![ Default Identity Provider] ( ../../assets/guides/deployments/keycloak-default-IdP .png )
86+ ![ Default Identity Provider] ( ../../assets/guides/deployments/SAML-config-5 .png )
8987
90881 . Find the ** Identity Provider Redirector** row and click ** Actions** >
9189 ** Config** .
9290
93- ![ Identity Provider Redirector] ( ../../assets/guides/deployments/keycloak-IdP-redirector .png )
91+ ![ Identity Provider Redirector] ( ../../assets/guides/deployments/SAML-config-6 .png )
9492
95931 . Set ** Alias** and ** Default Identity Provider** to the alias of the identity
9694 provider you created earlier.
9795
98- ![ Authenticator Config] ( ../../assets/guides/deployments/keycloak-authenticator- config.png )
96+ ![ Authenticator Config] ( ../../assets/guides/deployments/SAML- config-7 .png )
9997
10098## Step 4: Configure the OpenID Connect (OIDC) Connector in Keycloak
10199
1021001 . Navigate to ** Clients** and click ** Create** .
103101
104- ![ Create Client Connector] ( ../../assets/guides/deployments/keycloak-create-client .png )
102+ ![ Create Client Connector] ( ../../assets/guides/deployments/SAML-config-8 .png )
105103
1061041 . Add a new OIDC Client to point to your Coder deployment and click ** Save** .
107105
108- ![ Add OIDC client] ( ../../assets/guides/deployments/keycloak-add-client .png )
106+ ![ Add OIDC client] ( ../../assets/guides/deployments/SAML-config-9 .png )
109107
1101081 . Once on the ** Clients** configuration page, set the ** Access Type** to
111109 ** Confidential** and click ** Save** .
112110
1131111 . Your client configuration should look something like the following (make sure
114112 that all of the values point to your Coder deployment):
115113
116- ![ Client Configuration] ( ../../assets/guides/deployments/keycloak-client- config.png )
114+ ![ Client Configuration] ( ../../assets/guides/deployments/SAML- config-10 .png )
117115
118116At this point, you can configure your Coder deployment to use the Keycloak OIDC
119117Connector.
@@ -129,7 +127,7 @@ Connector.
1291271 . Add the ** Secret** to the ** Client Secret** field (you can get this value
130128 from the ** Credentials** page in the Keycloak Clients Configuration).
131129
132- ![ Keycloak Secret] ( ../../assets/guides/deployments/keycloak-secret .png )
130+ ![ Keycloak Secret] ( ../../assets/guides/deployments/SAML-config-11 .png )
133131
1341321 . Add your Keycloak instance and Realm as the ` Issuer ` . This will be a URL
135133 formatted as follows: ` https://<my-keycloak-url>/auth/realms/<my-realm> `
0 commit comments