Keycloak SSO

Set up Logilica with Keycloak's Single Sign-On

Keycloak is an Identity Management service that implements an Identity Provider (IdP), using protocols such as SAML. Logilica's SSO supports Keycloak's SAML SSO.

To enable Keycloak SAML SSO with Logilica, please complete the following:

  1. Match Client ID and Entity ID: In the Logilica SSO configuration, ensure the Entity ID field has the same value as Keycloak's Client ID. The client type should be SAML.

     Keycloak Realm Client settings
     Logilica Organisation Single Sign On settings
  2. Set Valid Redirect URIs: In Keycloak, navigate to the Client's Settings page. Under Access Settings, for Valid Redirect URIs, please add 'https://logilica.io/*'.

     Keycloak Client Access settings
  3. Turn off Signing Keys: From the Client's settings page, select the Keys tab. In the Signing Keys Configuration, turn off Client signature required.

     Keycloak Client Keys settings
  4. Fill in Entry URL and Certificate fields: The Entry URL and Certificate fields can be obtained from the Realm's SAML 2.0 Identity Provider Metadata document.

     Keycloak Realm SAML 2.0 Identity Provider Metadata

Please ensure you have at least one active user in the Realm with a verified email.

With this, Keycloak's SAML SSO has been set up with Logilica. For further details on logging in with SSO, please navigate to the SSO Integration page.
