Keycloak (OpenID)

Configure OpenID Provider for Keycloak

Review OpenID Connect (SaaS) before you begin.

The notes below describe minimal steps to be taken in Keycloak. You may need to adjust the steps based on the specifics of your environment.

  1. Log in to your Keycloak server's Administrative Console.

  2. Select a realm or create a new one.

  3. Click Clients, then click the Create button.

  4. Enter the Client ID of your choosing (e.g. "SysdigMonitor") and take note of it.

    You will enter it in the OpenID Configuration page in the Sysdig Authentication Settings.

  5. Make sure the Client Protocol drop-down has openid-connect selected. Click the Save button.

  6. Configure OpenID Connect client:

  7. Click the Credentials tab. Take note of the Secret that is shown.

    You will enter it in the OpenID settings.

  8. Note that the Issuer URL has the form https://KEYCLOAK_SERVER_ADDRESS/auth/realms/REALM_NAME, where KEYCLOAK_SERVER_ADDRESS and REALM_NAME come from the environment in which you just created the configuration. You will enter it in the OpenID settings.
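
A way to check the Issuer URL from step 8 before entering it in the OpenID settings, added here as an example and not taken from the Sysdig or Keycloak documentation: it builds the URL and compares it with the issuer value in the realm's OpenID Connect discovery metadata, which must match exactly. The host keycloak.example.com, the realm sysdig and the sample metadata are constructed for illustration.

```python
import json
from urllib.parse import quote, urlsplit
from urllib.request import urlopen


def issuer_url(server_address, realm_name):
    """Build the Issuer URL in the form given in step 8."""
    return f"https://{server_address}/auth/realms/{quote(realm_name, safe='')}"


def discovery_url(issuer):
    """OpenID Connect Discovery publishes metadata under the issuer at this path."""
    return issuer.rstrip("/") + "/.well-known/openid-configuration"


def check_metadata(issuer, metadata):
    """Return a list of problems; an empty list means the issuer is consistent."""
    problems = []
    advertised = metadata.get("issuer")
    if advertised != issuer:  # exact string match, trailing slash included
        problems.append(f"issuer mismatch: configured {issuer!r}, advertised {advertised!r}")
    for key in ("authorization_endpoint", "token_endpoint", "jwks_uri"):
        value = metadata.get(key)
        if not value:
            problems.append(f"missing {key}")
        elif urlsplit(value).scheme != "https":
            problems.append(f"{key} is not https: {value}")
    return problems


def fetch_metadata(issuer, timeout=10):
    """Fetch live metadata from the server (network call, unused by the sample)."""
    with urlopen(discovery_url(issuer), timeout=timeout) as resp:
        return json.load(resp)


# Constructed sample metadata for a hypothetical server and realm.
_BASE = "https://keycloak.example.com/auth/realms/sysdig"
SAMPLE_METADATA = {
    "issuer": _BASE,
    "authorization_endpoint": _BASE + "/protocol/openid-connect/auth",
    "token_endpoint": _BASE + "/protocol/openid-connect/token",
    "jwks_uri": _BASE + "/protocol/openid-connect/certs",
}

if __name__ == "__main__":
    issuer = issuer_url("keycloak.example.com", "sysdig")
    print(issuer, check_metadata(issuer, SAMPLE_METADATA) or "OK")
```

To check a real server, pass the result of fetch_metadata(issuer) to check_metadata in place of the sample; a mismatch usually means the path prefix or realm name differs from what the server advertises.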