How To Authenticate via SAML with Keycloak as Identity Provider

Goal

In this article, we explain the step-by-step procedure to configure Keycloak as the SSO SAML-based Identity Provider for a Nextcloud instance.

Throughout the article, we use the following values. Adjust them to match your own infrastructure.

Keycloak Server URL: https://keycloak-server01.localenv.com:8443

Nextcloud Server URL: https://nc-general-demo.localenv.com

Authentication Realm: nc-general-demo.localenv.com

 

Procedure

Create a Realm

 

Create a Realm in Keycloak called nc-general-demo.localenv.com:

 


From Realm Settings→Keys, copy the field Public Keys→Certificate and keep it aside: you will need to paste it into the field Public X.509 certificate of the IdP in the SSO & SAML Authentication settings.

Enclose the copied text string between the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- markers.
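The following is an added example, not part of the original article: a Python helper that takes the string copied from the Certificate field, rejects a truncated or damaged paste, adds the BEGIN/END markers, and computes a fingerprint for comparing two copies of the certificate. The function names and the sample value are assumptions made for illustration; the sample is a constructed placeholder, not a real certificate.

```python
import base64
import binascii
import hashlib

BEGIN = "-----BEGIN CERTIFICATE-----"
END = "-----END CERTIFICATE-----"

# Constructed placeholder (NOT a real certificate): a DER SEQUENCE header
# announcing 256 bytes of content, followed by 256 zero bytes.
CONSTRUCTED_DER = bytes([0x30, 0x82, 0x01, 0x00]) + bytes(256)
SAMPLE_FIELD = base64.b64encode(CONSTRUCTED_DER).decode("ascii")

def der_from_field(copied: str) -> bytes:
    """Decode the copied Certificate value; reject damaged or truncated pastes."""
    # Accept input with or without the markers, and ignore all whitespace.
    body = "".join(copied.replace(BEGIN, "").replace(END, "").split())
    try:
        der = base64.b64decode(body, validate=True)
    except binascii.Error as exc:
        raise ValueError(f"not valid base64: {exc}") from exc
    # A certificate is a DER SEQUENCE: tag 0x30, then a length field.
    if len(der) < 2 or der[0] != 0x30:
        raise ValueError("decoded data is not a DER SEQUENCE")
    if der[1] < 0x80:                      # short form: length in one byte
        header, length = 2, der[1]
    else:                                  # long form: next n bytes hold it
        n = der[1] & 0x7F
        if n == 0 or len(der) < 2 + n:
            raise ValueError("malformed DER length")
        header, length = 2 + n, int.from_bytes(der[2:2 + n], "big")
    if header + length != len(der):
        raise ValueError("length mismatch: paste is truncated or has extra data")
    return der

def to_pem(der: bytes) -> str:
    """Wrap DER bytes in the BEGIN/END markers with 64-character lines."""
    b64 = base64.b64encode(der).decode("ascii")
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return "\n".join([BEGIN, *lines, END]) + "\n"

def sha256_fingerprint(der: bytes) -> str:
    """Colon-separated SHA-256 fingerprint, for comparing two copies."""
    return ":".join(f"{b:02X}" for b in hashlib.sha256(der).digest())

if __name__ == "__main__":
    print(to_pem(der_from_field(SAMPLE_FIELD)))
```

The check only validates the base64 encoding and the outer DER framing; it does not parse the certificate or verify its validity period.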

 

 

 

 

 

Enable the SSO & SAML authentication application

 

 Login int

