DEV Community

iderr
iderr

Posted on

Connect your AWX/Ansible Tower with Keycloak using OIDC !

Introduction

Want to connect your AWX/Ansible Tower with your SSO solution (thanks to openid connect), in my case keycloak, you're in the right place.
I have seen a lot of tutorials on how to configure with SAML, but not one with OIDC so here it is :)

Prerequisites

- A keycloak
- An ansible tower / awx
Enter fullscreen mode Exit fullscreen mode

If you respect all these prerequisites, you are good to go !

Tutorial

Go to your beautiful keycloak instance
Add a client in keycloak with this redirect url
https://AWX_HOST/sso/complete/oidc/
Something like this :

Keycloak

Get your keys in your credentials part (if not set, set it to Client ID and secret)

In your awx/tower instance, go to settings, generic oidc and fill all the infos :
OIDC key : Keycloak's client id
OIDC secret : Keycloak's client secret
OIDC provider : https://KEYCLOAK_HOST/realms/YOUR_REALM

Conclusion

Only that, yes.

Login

Your awx/ansible tower is now connected with keycloak.

See you on the next article !

Top comments (1)

Collapse
 
claudiuproject profile image
Claudiu T. • Edited

hi,

O try this but after i authenticate on Keycloak is keep came back to AWX login. The same situation is on SAML integration

Also OIDC provider = https://{HOST}/auth/realms/{Custom-Realm}/.well-known/openid-configuration