Welcome to the Inedo Forums! Check out the Forums Guide for help getting started.
If you are experiencing any issues with the forum software, please visit the Contact Form on our website and let us know!
Keycloak and Proget Trial
-
I work for a software company in the medical care sector, and we have multiple development teams. Therefore, we would like to try Proget as a repository manager, and I have applied for and received a trial license. Since we have around 200 developers, Keycloak for user management is essential. Therefore, I attempted to connect Proget with our self-hosted Keycloak server. Keycloak reports successful login, but users are not logged into Proget. Could it be that this function does not work in the trial version?"
-
Hello,
I'm not familiar with Keycloak to give you a direct answer, but ProGet can integrate with LDAP and/or SAML protocols. Both of those will require configuration within ProGet, under Admin > Manage Security.
https://docs.inedo.com/docs/various-saml-overview
https://docs.inedo.com/docs/various-ldap-v4-advancedBest,
Alana
-
Hello Alana,
In your documentation, there is a section titled "3. Configure Inedo Product" that includes the following point:
"User directory - configures an "external" user directory that enables a third-party identity provider to automatically create/update users in the Inedo product when they are authenticated. You will be asked to create one on first use, and the directory should be unique per identity provider and identity provider application. Note: all authenticated users are configured to be administrators by default on initial creation."
Unfortunately, I couldn't find the "external" option in my trial version. Keycloak reports successful login, but the redirect to ProGet does not occur.
When setting up SAML, the following message appears above the configuration:
"SAML & Single Sign-on is a ProGet Enterprise feature, which means you can still configure it, but it won't actually be used to authenticate users at login in ProGet Basic or ProGet Free editions."Therefore, my question is whether it's possible to set up SAML with the trial version at all.
We would like to test this feature before deciding to purchase multiple licenses for an HA setup.
Best,
Markus
-
Thanks for clarifying; the "User directory" is outdated and I removed that from the documentation. In old versions of ProGet, you'd need to set up a separate directory. Now they are just added as Built-in users.
The Trial version should allow you to configure SAML. It sounds like the issue is that Keycloak is not redirecting to ProGet. I really wish I knew how to help troubleshoot... but after logging in, Keycloak is supposed to POST to
/saml-acs-callback
in the ProGet instance. I wonder if there's n additional thing that's not configured on Keycloak?Best,
Alana