#SSO #keycloack

Bonita: How to implement OID Authentication?

Hi everybody

I just concluded a simple project on Bonita and deployed it locally on the provided Tomcat bundle. Now I'm looking to implement an OID authentication using Keycloak as IdP. What I would like to do is use the Keycloak login page to authenticate my existing realm users, and if a user does not exist in the Bonita organization, create it with a given role based on the JWT token content.

I found something in the documentation about Keycloak configuration, but it's available only for the Enterprise version. Is there something usable in the Community version too?

SAML configuration

Hello,

I am having difficulties configuring the SSO connection with SAML. I am correctly redirected to the IdP for authentication, but I am not then redirected back to my Bonita application.

When I return to it, my JSESSIONID is different, and it tries to log in again.

I do receive a SAML response from my IdP, but I get this error in the log: org.keycloak.adapters.saml.profile.webbrowsersso.WebBrowserSsoAuthenticationHandler Error extracting SAML assertion: null.

Bonita Enterprise & SSO: is it possible to have multiple EntityID in the Keycloak file?

Hello,

For a project, we are trying to have two ways to access the Bonita platform.

One is with an internal link (let's say https://link.internal.web DNS) and one with an internet link (let's say https//external.mysite.com).

So we set up everything in order to achieve that, and without SSO, it's working. Now, however, we are trying to activate SSO (the Azure one).

On the SSO side, for one given EntityID, there can be only one "go back" URL. In this case, we have set it up so that we have the https//external.mysite.com/bonita/saml URL.
