Documentation in progress

Summary

• Customer has adopt central user management system such as keyCloak

• Customer wants to use KeyCloak to login into Iguana

• Leverage KeyCloak API and Iguana External Authentication with From HTTPS Channel for login

Design

Considerations

• Recommended to use a dedicated Iguana with a From HTTP Channel for Authentication, separate from the Production Iguana (Note: API call temporarily logs Username and Password).

• When external authentication is used, Iguana creates an “Ad Hoc” user session. Iguana will create an Ad Hoc user with no permissions if there are no matching Roles setup in both Iguana and KeyCloak. If a matching Iguana Role exists, Iguana will login the Ad Hoc user with the matching Iguana Roles. 

• The KeyCloak password and Iguana password do not need to match. Only the Role names.

How to

Code Examples

Reference

• How to install KeyCloak docker:

  • https://www.keycloak.org/getting-started/getting-started-docker

  • https://www.youtube.com/watch?v=NZI3C6vdjQk

• How to configure and API in KeyCloak: https://www.youtube.com/watch?v=zyqWpFUPTnE

• KeyCloak Postman project: https://documenter.getpostman.com/view/7294517/SzmfZHnd