Introduction
Want to connect your AWX/Ansible Tower with your SSO solution (thanks to openid connect), in my case keycloak, you're in the right place.
I have seen a lot of tutorials on how to configure with SAML, but not one with OIDC so here it is :)
Prerequisites
- A keycloak
- An ansible tower / awx
If you respect all these prerequisites, you are good to go !
Tutorial
Go to your beautiful keycloak instance
Add a client in keycloak with this redirect url
https://AWX_HOST/sso/complete/oidc/
Something like this :
Get your keys in your credentials part (if not set, set it to Client ID and secret)
In your awx/tower instance, go to settings, generic oidc and fill all the infos :
OIDC key : Keycloak's client id
OIDC secret : Keycloak's client secret
OIDC provider : https://KEYCLOAK_HOST/realms/YOUR_REALM
Conclusion
Only that, yes.
Your awx/ansible tower is now connected with keycloak.
See you on the next article !
Top comments (1)
hi,
O try this but after i authenticate on Keycloak is keep came back to AWX login. The same situation is on SAML integration
Also OIDC provider = https://{HOST}/auth/realms/{Custom-Realm}/.well-known/openid-configuration