It's full of stars!

  • All Content
  • About

keycloak

SAP

SAP Gateway – Activate and test SAML 2.0 Logon with SAP WebGui for HTML

After establishing the trust between the SAML 2.0 IdP and SP and activating the IdP in SAP Gateway, the ABAP system is configured for SAML 2.0 logons. An easy way to test if SAML 2.0 is working is to log on to SAP WebGui for HTML. This is a standard Read more…

By Tobias Hofmann, 5 yearsFebruary 18, 2020 ago
SAP

SAP Gateway – Configure NameID and activate trusted SAML 2.0 IdP

Current state is that a trust between Gateway as SP and Keycloak as IdP is established. While the previous step established the trust, the IdP is not enabled in SAP Gateway. Meaning that SAML2.0  logons are not possible. For this to work, the IdP must be enabled. Currently, enabling is Read more…

By Tobias Hofmann, 5 yearsFebruary 12, 2020 ago
Cloud SAP Technology

Keycloak – Download SAML 2.0 IdP Metadata

As SAML 2.0 depends on trust, it is necessary to establish this trust by exchanging the metadata of the IdP and SP. When the SAML 2.0 client for Gateway (NPL001) was created, the metadata of the Gateway SP was important to Keycloak. In this step, the metadata of the IdP Read more…

By Tobias Hofmann, 5 yearsFebruary 6, 2020 ago
Cloud SAP Technology

Keycloak – Create a SAML 2.0 Client

In this step a new SAML 2.0 client is created in Keycloak by importing the Gateway SP metadata. After activating and configuring SAML 2.0 in Gateway, a Service Provider (SP) was created. A metadata file for that SP is available at the saml2 Web Dynpro ABAP application. This metadata file Read more…

By Tobias Hofmann, 5 yearsFebruary 4, 2020 ago
Cloud Technology

Keycloak – Installation via Docker

Keycloak is an identity and access management solution. Among its list of supported authentication mechanisms are SAML 2.0 and OpenID Connect. It is open source and can be installed via Docker. This simplifies the installation and makes it easy to start with Keycloak. You only have to ensure pass a Read more…

By Tobias Hofmann, 5 yearsJanuary 31, 2020 ago
Cloud Technology

OpenID Connect with Keycloak

This blog shows how to use Keycloak for OAuth 2.0 and OpenID Connect. Keycloak is an identity and access management solution. Among its list of supported authentication mechanisms are SAML 2.0 and OpenID Connect. It is open source and can be installed via Docker. I wrote how to install Keycloak Read more…

By Tobias Hofmann, 5 yearsDecember 23, 2019 ago
Cloud Technology

Get OpenID Connect tokens from Keycloak

After creating an OAuth 2.0 scope and client and assigning the scope to the client, we can test the configuration. To do this, we need to log on in Keycloak as the OAuth 2.0 client. Keycloak will then validate the client and provide the Access Tokens and the scope(s) assigned Read more…

By Tobias Hofmann, 5 yearsDecember 10, 2019 ago
Cloud Technology

Add OAuth 2.0 scope to client in Keycloak

After performing the previous steps in Keycloak, an OAuth 2.0 scope and client is available. To get the scope after the OAuth 2.0 client authenticates against Keycloak, you need to assign the scope to the client. Log on to Keycloak and go to clients and select oidclient. This is the Read more…

By Tobias Hofmann, 5 yearsDecember 2, 2019 ago
Cloud

Create OAuth 2.0 scope in Keycloak

OAuth uses scopes to restrict access to resources. “Scope is a mechanism in OAuth 2.0 to limit an application’s access to a user’s account. An application can request one or more scopes, this information is then presented to the user in the consent screen, and the access token issued to Read more…

By Tobias Hofmann, 5 yearsNovember 27, 2019 ago
Cloud Technology

Add OAuth 2.0 client in Keycloak

In this article I will show how to add an OAuth 2.0 client in Keycloak. Log in to Keycloak and select a realm. In a new (empty) installation of Keycloak, the realm Master is selected by default. The realm name is important, as it is part of the URL used Read more…

By Tobias Hofmann, 6 yearsNovember 22, 2019 ago

Posts navigation

Previous 1 2
  • Datenschutzerklärung
  • Impressum
  • Cookie-Erklärung
Hestia | Developed by ThemeIsle