Deployed 9a30355 to cells-v4 with MkDocs 1.6.1 and mike 2.1.3

Author: actions-user

cells-v4/index.html

@@ -23891,11 +23891,13 @@
 <h1 id="introduction">Introduction<a class="headerlink" href="#introduction" title="Permanent link">&para;</a></h1>
 <p><strong>Keycloak</strong> is a robust, open-source Identity and Access Management (IAM) tool that implements popular SSO standards like <strong>SAML</strong> and <strong>OpenID Connect (OIDC)</strong>.<br />
 It’s widely trusted for secure authentication in on-premise deployments, enabling organizations to centralize user identity and integrate easily with various services.</p>
-<p>This step-by-step guide will help you:
-- Register a new OIDC client in Keycloak.
-- Set up an OIDC Connector in <strong>Pydio Cells</strong>.
-- Map user attributes from Keycloak (using LDAP directory) to user roles in Pydio Cells.
-- Understand how to fix session-related issues and debug your configuration.</p>
+<p>This step-by-step guide will help you:</p>
+<ul>
+<li>Register a new OIDC client in Keycloak.</li>
+<li>Set up an OIDC Connector in <strong>Pydio Cells</strong>.</li>
+<li>Map user attributes from Keycloak (using LDAP directory) to user roles in Pydio Cells.</li>
+<li>Understand how to fix session-related issues and debug your configuration.</li>
+</ul>
 <h2 id="s1-register-a-new-oidc-client-in-keycloak">S1. Register a New OIDC Client in Keycloak<a class="headerlink" href="#s1-register-a-new-oidc-client-in-keycloak" title="Permanent link">&para;</a></h2>
 <p>To enable SSO, first register a new client that represents Pydio Cells in your Keycloak instance.</p>
 <blockquote>
@@ -23906,21 +23908,27 @@ <h2 id="s1-register-a-new-oidc-client-in-keycloak">S1. Register a New OIDC Clien
 <div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span></span><span class="normal"><a href="#__codelineno-0-1">1</a></span></pre></div></td><td class="code"><div><pre><span></span><code><a id="__codelineno-0-1" name="__codelineno-0-1"></a>Clients → Create Client
 </code></pre></div></td></tr></table></div></p>
 <p><a class="glightbox" href="../../images/connectors/keycloak/create-new-client.png" data-type="image" data-width="100%" data-height="auto" data-desc-position="bottom"><img alt="" src="../../images/connectors/keycloak/create-new-client.png" /></a></p>
-<p><strong>Example values:</strong>
-- <strong>Client ID:</strong> <code>demo.cells.pydio</code>
-- <strong>Name:</strong> <code>Cells Demo</code></p>
+<p><strong>Example values:</strong></p>
+<ul>
+<li><strong>Client ID:</strong> <code>demo.cells.pydio</code></li>
+<li><strong>Name:</strong> <code>Cells Demo</code></li>
+</ul>
 <p><a class="glightbox" href="../../images/connectors/keycloak/keycloak-new-client-0.png" data-type="image" data-width="100%" data-height="auto" data-desc-position="bottom"><img alt="" src="../../images/connectors/keycloak/keycloak-new-client-0.png" /></a></p>
-<p><strong>Configure redirect and URLs:</strong>
-- <strong>Root URL:</strong> Pydio Cells URL
-- <strong>Home URL:</strong> Same as above
-- <strong>Valid Redirect URIs:</strong> Callback URL generated by the Connector in Step 2
-- <strong>Valid Post Logout Redirect URIs:</strong> Leave empty
-- <strong>Web Origins:</strong> Pydio Cells URL</p>
+<p><strong>Configure redirect and URLs:</strong></p>
+<ul>
+<li><strong>Root URL:</strong> Pydio Cells URL</li>
+<li><strong>Home URL:</strong> Same as above</li>
+<li><strong>Valid Redirect URIs:</strong> Callback URL generated by the Connector in Step 2</li>
+<li><strong>Valid Post Logout Redirect URIs:</strong> Leave empty</li>
+<li><strong>Web Origins:</strong> Pydio Cells URL</li>
+</ul>
 <p><a class="glightbox" href="../../images/connectors/keycloak/keycloak-create-client-3.png" data-type="image" data-width="100%" data-height="auto" data-desc-position="bottom"><img alt="" src="../../images/connectors/keycloak/keycloak-create-client-3.png" /></a></p>
-<p><strong>New Client Capability:</strong>
-- <strong>Cells Authentication:</strong> Yes
-- <strong>Authorization:</strong> Off
-- <strong>Authentication Flow:</strong> Standard</p>
+<p><strong>New Client Capability:</strong></p>
+<ul>
+<li><strong>Cells Authentication:</strong> Yes</li>
+<li><strong>Authorization:</strong> Off</li>
+<li><strong>Authentication Flow:</strong> Standard</li>
+</ul>
 <p><a class="glightbox" href="../../images/connectors/keycloak/keycloak-new-client-2.png" data-type="image" data-width="100%" data-height="auto" data-desc-position="bottom"><img alt="" src="../../images/connectors/keycloak/keycloak-new-client-2.png" /></a></p>
 <h3 id="client-credentials">Client Credentials<a class="headerlink" href="#client-credentials" title="Permanent link">&para;</a></h3>
 <p>Enabling <code>Cells Authentication</code> generates a <strong>Client Secret</strong>. Pydio Cells uses this secret to securely authenticate with Keycloak’s OIDC endpoints.</p>
@@ -23930,30 +23938,38 @@ <h2 id="s2-create-a-new-connector-in-pydio-cells">S2. Create a New Connector in
 <p><strong>Cells Admin Console:</strong><br />
 <div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span></span><span class="normal"><a href="#__codelineno-1-1">1</a></span></pre></div></td><td class="code"><div><pre><span></span><code><a id="__codelineno-1-1" name="__codelineno-1-1"></a>Settings → Authentication → OAUTH2/OIDC → Create New Connector
 </code></pre></div></td></tr></table></div></p>
-<p>In the pop-up:
-- <strong>Connector type:</strong> OpenID Connect
-- <strong>ID:</strong> <code>keycloak</code> (won't be changed)
-- <strong>Name:</strong> Example: <code>SSO with Keycloak</code> (can be customized later)</p>
+<p>In the pop-up:</p>
+<ul>
+<li><strong>Connector type:</strong> OpenID Connect</li>
+<li><strong>ID:</strong> <code>keycloak</code> (won't be changed)</li>
+<li><strong>Name:</strong> Example: <code>SSO with Keycloak</code> (can be customized later)</li>
+</ul>
 <p>The <strong>Issuer (Canonical URL)</strong> updates automatically based on the ID. This URL acts as the callback where Keycloak sends tokens after authentication.</p>
 <p><a class="glightbox" href="../../images/connectors/keycloak/cells-new-connector-2.png" data-type="image" data-width="100%" data-height="auto" data-desc-position="bottom"><img alt="" src="../../images/connectors/keycloak/cells-new-connector-2.png" /></a></p>
 <p>Pause here, return to <strong>Step 1</strong>, and add the generated callback URL to the client’s valid redirect URIs in Keycloak.</p>
 <h3 id="complete-the-connector-configuration">Complete the Connector Configuration<a class="headerlink" href="#complete-the-connector-configuration" title="Permanent link">&para;</a></h3>
 <p>Once you have your <strong>Client ID</strong> and <strong>Client Secret</strong>, continue filling out:</p>
 <ul>
 <li>
-<p><strong>Issuer - Canonical URL:</strong><br />
-  Format: <code>https://domain/realms/realm-name</code><br />
-  Example: <code>https://sso.keycloak.pydio/realms/master</code></p>
+<p><strong>Issuer - Canonical URL:</strong>  </p>
+</li>
+<li>
+<p>Format: <code>https://domain/realms/realm-name</code>  </p>
+</li>
+<li>
+<p>Example: <code>https://sso.keycloak.pydio/realms/master</code></p>
 </li>
 <li>
 <p><strong>Client ID:</strong> The client ID from Step 1 (<code>demo.cells.pydio</code>)</p>
 </li>
 <li><strong>Client Secret:</strong> Copied from Keycloak.</li>
 </ul>
 <p><a class="glightbox" href="../../images/connectors/keycloak/cells-new-connector-3.png" data-type="image" data-width="100%" data-height="auto" data-desc-position="bottom"><img alt="" src="../../images/connectors/keycloak/cells-new-connector-3.png" /></a></p>
-<p><strong>Additional options:</strong>
-- <strong>Insecure Skip Email Verified:</strong> Set <code>On</code> if using a trusted directory.
-- <strong>Get User Info:</strong> On</p>
+<p><strong>Additional options:</strong></p>
+<ul>
+<li><strong>Insecure Skip Email Verified:</strong> Set <code>On</code> if using a trusted directory.</li>
+<li><strong>Get User Info:</strong> On</li>
+</ul>
 <p><a class="glightbox" href="../../images/connectors/keycloak/cells-new-connector-4.png" data-type="image" data-width="100%" data-height="auto" data-desc-position="bottom"><img alt="" src="../../images/connectors/keycloak/cells-new-connector-4.png" /></a></p>
 <p>Once saved, your Pydio Cells login page will display an additional <strong>“SSO with Keycloak”</strong> option.</p>
 <h1 id="advanced-setup">Advanced Setup<a class="headerlink" href="#advanced-setup" title="Permanent link">&para;</a></h1>
@@ -23965,13 +23981,15 @@ <h3 id="1-map-ldap-user-to-usermodel-in-keycloak">1. Map LDAP User to UserModel
 <p><strong>Keycloak Admin Console:</strong><br />
 <div class="highlight"><table class="highlighttable"><tr><td class="linenos"><div class="linenodiv"><pre><span></span><span class="normal"><a href="#__codelineno-2-1">1</a></span></pre></div></td><td class="code"><div><pre><span></span><code><a id="__codelineno-2-1" name="__codelineno-2-1"></a>User Federation → Select LDAP Provider → Mappers → Create Mapper
 </code></pre></div></td></tr></table></div></p>
-<p>Example mapper:
-- <strong>Name:</strong> <code>memberOf to group</code>
-- <strong>Mapper type:</strong> <code>user-attribute-ldap-mapper</code>
-- <strong>User Model Attribute:</strong> <code>cellsgroups</code>
-- <strong>LDAP Attribute:</strong> <code>memberOf</code>
-- <strong>Read Only:</strong> On
-- <strong>Always Read Value From LDAP:</strong> On</p>
+<p>Example mapper:</p>
+<ul>
+<li><strong>Name:</strong> <code>memberOf to group</code></li>
+<li><strong>Mapper type:</strong> <code>user-attribute-ldap-mapper</code></li>
+<li><strong>User Model Attribute:</strong> <code>cellsgroups</code></li>
+<li><strong>LDAP Attribute:</strong> <code>memberOf</code></li>
+<li><strong>Read Only:</strong> On</li>
+<li><strong>Always Read Value From LDAP:</strong> On</li>
+</ul>
 <p><a class="glightbox" href="../../images/connectors/keycloak/keycloak-ldap-memberof-mapping.png" data-type="image" data-width="100%" data-height="auto" data-desc-position="bottom"><img alt="" src="../../images/connectors/keycloak/keycloak-ldap-memberof-mapping.png" /></a></p>
 <h3 id="2-create-a-client-scope-and-mapper">2. Create a Client Scope and Mapper<a class="headerlink" href="#2-create-a-client-scope-and-mapper" title="Permanent link">&para;</a></h3>
 <p><strong>Keycloak Admin Console:</strong><br />
@@ -23982,17 +24000,19 @@ <h3 id="2-create-a-client-scope-and-mapper">2. Create a Client Scope and Mapper<
 <li><strong>Description:</strong> Defines <code>cellsgroups</code> claim</li>
 </ul>
 <p><a class="glightbox" href="../../images/connectors/keycloak/keycloak-client-scope-settings.png" data-type="image" data-width="100%" data-height="auto" data-desc-position="bottom"><img alt="" src="../../images/connectors/keycloak/keycloak-client-scope-settings.png" /></a></p>
-<p>Add a new mapper in the scope:
-- <strong>Mapper Type:</strong> User Attribute
-- <strong>Name:</strong> User Group Mapper
-- <strong>User Attribute:</strong> <code>cellsgroups</code>
-- <strong>Token Claim Name:</strong> <code>cellsgroups</code>
-- <strong>Claim JSON Type:</strong> string
-- <strong>Add to ID Token:</strong> On
-- <strong>Add to Access Token:</strong> On
-- <strong>Add to Userinfo:</strong> On
-- <strong>MultiValued:</strong> On
-- <strong>Aggregate attribute values:</strong> On</p>
+<p>Add a new mapper in the scope:</p>
+<ul>
+<li><strong>Mapper Type:</strong> User Attribute</li>
+<li><strong>Name:</strong> User Group Mapper</li>
+<li><strong>User Attribute:</strong> <code>cellsgroups</code></li>
+<li><strong>Token Claim Name:</strong> <code>cellsgroups</code></li>
+<li><strong>Claim JSON Type:</strong> string</li>
+<li><strong>Add to ID Token:</strong> On</li>
+<li><strong>Add to Access Token:</strong> On</li>
+<li><strong>Add to Userinfo:</strong> On</li>
+<li><strong>MultiValued:</strong> On</li>
+<li><strong>Aggregate attribute values:</strong> On</li>
+</ul>
 <p><a class="glightbox" href="../../images/connectors/keycloak/keycloak-mapping-usermodel-attribute-to-claim.png" data-type="image" data-width="100%" data-height="auto" data-desc-position="bottom"><img alt="" src="../../images/connectors/keycloak/keycloak-mapping-usermodel-attribute-to-claim.png" /></a></p>
 <blockquote>
 <p><strong>Note:</strong> The <em>UserModel</em> is the user object in Keycloak.</p>

cells-v4/knowledge-base/identity-management/oidc_keycloak/index.html

@@ -1,14 +1,14 @@
 [
+  {
+    "version": "pydio-v8",
+    "title": "Pydio PHP (EOL)",
+    "aliases": []
+  },
   {
     "version": "cells-v4",
     "title": "Cells v4",
     "aliases": [
       "latest"
     ]
-  },
-  {
-    "version": "pydio-v8",
-    "title": "Pydio PHP (EOL)",
-    "aliases": []
   }
 ]