Keycloak

2022 KEYCLOAK CERTIFICATE FIX HERE

NOTE: Is that preffered_username setting wrong? Correct settings should be for OIDC login:

sudo snap set wekan oauth2-username-map='email'

sudo snap set wekan oauth2-email-map='email'

Outstanding Bug: Create the first user (admin) with the regular process. Then the remaining users can use the Register with OIDC process.

Keycloak settings: realm-export.zip

Keycloak at Docker Hub

Environment Variables that need to be set in your Wekan environment:

When creating a Client in keycloak, ensure the access type is confidential under the settings tab. After clicking save, you will have a Credentials tab. You can retrieve the secret from that location.

Snap

Copy below commands to auth.sh textfile, make it executeable chmod +x auth.sh and run it with ./auth.sh.

sudo snap set wekan oauth2-enabled='true'
sudo snap set wekan oauth2-client-id='<Keycloak create Client ID>'
sudo snap set wekan oauth2-secret='<Keycloak Client secret>'
sudo snap set wekan oauth2-server-url='<Keycloak server name>/auth'
sudo snap set wekan oauth2-auth-endpoint='/realms/<keycloak realm>/protocol/openid-connect/auth'
sudo snap set wekan oauth2-userinfo-endpoint='/realms/<keycloak realm>/protocol/openid-connect/userinfo'
sudo snap set wekan oauth2-token-endpoint='/realms/<keycloak realm>/protocol/openid-connect/token'
sudo snap set wekan oauth2-id-map='preferred_username'
sudo snap set wekan oauth2-username-map='preferred_username'
sudo snap set wekan oauth2-fullname-map='given_name'
sudo snap set wekan oauth2-email-map='email'

Debugging, if Snap OIDC login does not work

sudo snap set wekan debug='true'

Click Oidc button. Then:

sudo snap logs wekan.wekan
sudo systemctl status snap.wekan.wekan

Docker

docker-compose.yml

- DEBUG=true
- OAUTH2_ENABLED=true
- OAUTH2_CLIENT_ID=<Keycloak create Client ID>
- OAUTH2_SERVER_URL=<Keycloak server name>/auth
- OAUTH2_AUTH_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/auth
- OAUTH2_USERINFO_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/userinfo
- OAUTH2_TOKEN_ENDPOINT=/realms/<keycloak realm>/protocol/openid-connect/token
- OAUTH2_SECRET=<keycloak client secret>
- OAUTH2_ID_MAP=preferred_username
- OAUTH2_USERNAME_MAP=preferred_username
- OAUTH2_FULLNAME_MAP=given_name
- OAUTH2_EMAIL_MAP=email

Debugging, if Docker OIDC login does not work

docker logs wekan-app

Wekan - OpenSource Kanban

Wekan

General

Deep Dive Into WeKan
Meteor WeKan Roadmap - board at Wekan demo
Multiverse WeKan Roadmap
Docs/Manual
Change Language
Forgot Password
About
Test Edge
WeKan Design Principles
FAQ
IRC FAQ - answers to questions asked at IRC
Team
Press
Blog
Wekan vs Trello vs Restyaboard
Results of Survey 2020-01

Fake: Not WeKan kanban

Security

Scaling

Migrating

Support priorities for new features and bugfixes

Backup

Backup and Restore

Repair

Themes

Markdown Syntax

Login Auth

Automatic login
Disable Password Login
Forgot Password
Admin: Impersonate user
Adding Users
Active users Presence
Accounts Lockout: Brute force login protection
LDAP
LDAP AD Simple Auth
Keycloak
Google login
Azure
OAuth2, Auth0, GitLab, RocketChat
Oracle OIM on premise using OAuth2
ADFS 4.0 using OAuth2 and OpenID
Azure AD B2C using OAuth2
Nextcloud
CAS Please test
SAML Please test
Zitadel

Metrics, Logs, Stats

Integrations

Time

Features

Drag Drop on Mobile and Desktop
Rclone: Store attachments to cloud storage like S3, MinIO, etc
Python based features
Burndown and Velocity Chart
Wait Spinners
Translations
Default Language for All Users
Roadmap
Features
Planning Poker
Scaling
Custom Logo
Subtasks <== Has fix
Templates
Cover
Archive and Delete
Custom Fields
Fix Export board menu not visible on some boards
RAM usage
Demo
Swimlane Documentation
Customize Translations

Email

Email

Required Settings

Download

Download Wekan for various Platforms: Supported by xet7, Operating Systems, NAS, Cloud
Helm Chart for Kubernetes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly