diff --git a/docs/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md b/docs/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md index 2a30782e76cd..d02c51d97613 100644 --- a/docs/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md +++ b/docs/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md @@ -35,6 +35,7 @@ If you have an existing configuration using the SAML protocol and want to switch `Name` | `Groups Mapper` `Mapper Type` | `Group Membership` `Token Claim Name` | `groups` + `Full group path` | `OFF` `Add to ID token` | `OFF` `Add to access token` | `OFF` `Add to user info` | `ON` @@ -46,6 +47,7 @@ If you have an existing configuration using the SAML protocol and want to switch `Name` | `Client Audience` `Mapper Type` | `Audience` `Included Client Audience` | <CLIENT_NAME> + `Add to ID token` | `OFF` `Add to access token` | `ON` - Create a new "Groups Path" with the settings below. @@ -56,8 +58,15 @@ If you have an existing configuration using the SAML protocol and want to switch `Mapper Type` | `Group Membership` `Token Claim Name` | `full_group_path` `Full group path` | `ON` + `Add to ID token` | `ON` + `Add to access token` | `ON` `Add to user info` | `ON` +- Go to **Role Mappings > Client Roles > realm-management** and add the following Role Mappings to all users or groups that need to query the Keycloak users. + - query-users + - query-groups + - view-users + ## Configuring Keycloak in Rancher 1. In the Rancher UI, click **☰ > Users & Authentication**. diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md index 86dff79d0af7..2ef26659a3fa 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md @@ -31,6 +31,7 @@ description: 创建 Keycloak OpenID Connect (OIDC) 客户端并配置 Rancher | `Name` | `Groups Mapper` | | `Mapper Type` | `Group Membership` | | `Token Claim Name` | `groups` | + | `Full group path` | `OFF` | | `Add to ID token` | `OFF` | | `Add to access token` | `OFF` | | `Add to user info` | `ON` | @@ -42,6 +43,7 @@ description: 创建 Keycloak OpenID Connect (OIDC) 客户端并配置 Rancher | `Name` | `Client Audience` | | `Mapper Type` | `Audience` | | `Included Client Audience` | <CLIENT_NAME> | + | `Add to ID token` | `OFF` | | `Add to access token` | `ON` | - 使用以下设置创建一个新的 "Groups Path": @@ -52,8 +54,15 @@ description: 创建 Keycloak OpenID Connect (OIDC) 客户端并配置 Rancher | `Mapper Type` | `Group Membership` | | `Token Claim Name` | `full_group_path` | | `Full group path` | `ON` | + | `Add to ID token` | `ON` | + | `Add to access token` | `ON` | | `Add to user info` | `ON` | +- Go to **Role Mappings > Client Roles > realm-management** and add the following Role Mappings to all users or groups that need to query the Keycloak users. + - query-users + - query-groups + - view-users + ## 在 Rancher 中配置 Keycloak 1. 在 Rancher UI 中,单击 **☰ > 用户 & 认证**。 diff --git a/i18n/zh/docusaurus-plugin-content-docs/version-2.6/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md b/i18n/zh/docusaurus-plugin-content-docs/version-2.6/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md index 86dff79d0af7..2ef26659a3fa 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/version-2.6/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md +++ b/i18n/zh/docusaurus-plugin-content-docs/version-2.6/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md @@ -31,6 +31,7 @@ description: 创建 Keycloak OpenID Connect (OIDC) 客户端并配置 Rancher | `Name` | `Groups Mapper` | | `Mapper Type` | `Group Membership` | | `Token Claim Name` | `groups` | + | `Full group path` | `OFF` | | `Add to ID token` | `OFF` | | `Add to access token` | `OFF` | | `Add to user info` | `ON` | @@ -42,6 +43,7 @@ description: 创建 Keycloak OpenID Connect (OIDC) 客户端并配置 Rancher | `Name` | `Client Audience` | | `Mapper Type` | `Audience` | | `Included Client Audience` | <CLIENT_NAME> | + | `Add to ID token` | `OFF` | | `Add to access token` | `ON` | - 使用以下设置创建一个新的 "Groups Path": @@ -52,8 +54,15 @@ description: 创建 Keycloak OpenID Connect (OIDC) 客户端并配置 Rancher | `Mapper Type` | `Group Membership` | | `Token Claim Name` | `full_group_path` | | `Full group path` | `ON` | + | `Add to ID token` | `ON` | + | `Add to access token` | `ON` | | `Add to user info` | `ON` | +- Go to **Role Mappings > Client Roles > realm-management** and add the following Role Mappings to all users or groups that need to query the Keycloak users. + - query-users + - query-groups + - view-users + ## 在 Rancher 中配置 Keycloak 1. 在 Rancher UI 中,单击 **☰ > 用户 & 认证**。 diff --git a/i18n/zh/docusaurus-plugin-content-docs/version-2.7/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md b/i18n/zh/docusaurus-plugin-content-docs/version-2.7/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md index 86dff79d0af7..2ef26659a3fa 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/version-2.7/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md +++ b/i18n/zh/docusaurus-plugin-content-docs/version-2.7/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md @@ -31,6 +31,7 @@ description: 创建 Keycloak OpenID Connect (OIDC) 客户端并配置 Rancher | `Name` | `Groups Mapper` | | `Mapper Type` | `Group Membership` | | `Token Claim Name` | `groups` | + | `Full group path` | `OFF` | | `Add to ID token` | `OFF` | | `Add to access token` | `OFF` | | `Add to user info` | `ON` | @@ -42,6 +43,7 @@ description: 创建 Keycloak OpenID Connect (OIDC) 客户端并配置 Rancher | `Name` | `Client Audience` | | `Mapper Type` | `Audience` | | `Included Client Audience` | <CLIENT_NAME> | + | `Add to ID token` | `OFF` | | `Add to access token` | `ON` | - 使用以下设置创建一个新的 "Groups Path": @@ -52,8 +54,15 @@ description: 创建 Keycloak OpenID Connect (OIDC) 客户端并配置 Rancher | `Mapper Type` | `Group Membership` | | `Token Claim Name` | `full_group_path` | | `Full group path` | `ON` | + | `Add to ID token` | `ON` | + | `Add to access token` | `ON` | | `Add to user info` | `ON` | +- Go to **Role Mappings > Client Roles > realm-management** and add the following Role Mappings to all users or groups that need to query the Keycloak users. + - query-users + - query-groups + - view-users + ## 在 Rancher 中配置 Keycloak 1. 在 Rancher UI 中,单击 **☰ > 用户 & 认证**。 diff --git a/i18n/zh/docusaurus-plugin-content-docs/version-2.8/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md b/i18n/zh/docusaurus-plugin-content-docs/version-2.8/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md index 86dff79d0af7..2ef26659a3fa 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/version-2.8/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md +++ b/i18n/zh/docusaurus-plugin-content-docs/version-2.8/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md @@ -31,6 +31,7 @@ description: 创建 Keycloak OpenID Connect (OIDC) 客户端并配置 Rancher | `Name` | `Groups Mapper` | | `Mapper Type` | `Group Membership` | | `Token Claim Name` | `groups` | + | `Full group path` | `OFF` | | `Add to ID token` | `OFF` | | `Add to access token` | `OFF` | | `Add to user info` | `ON` | @@ -42,6 +43,7 @@ description: 创建 Keycloak OpenID Connect (OIDC) 客户端并配置 Rancher | `Name` | `Client Audience` | | `Mapper Type` | `Audience` | | `Included Client Audience` | <CLIENT_NAME> | + | `Add to ID token` | `OFF` | | `Add to access token` | `ON` | - 使用以下设置创建一个新的 "Groups Path": @@ -52,8 +54,15 @@ description: 创建 Keycloak OpenID Connect (OIDC) 客户端并配置 Rancher | `Mapper Type` | `Group Membership` | | `Token Claim Name` | `full_group_path` | | `Full group path` | `ON` | + | `Add to ID token` | `ON` | + | `Add to access token` | `ON` | | `Add to user info` | `ON` | +- Go to **Role Mappings > Client Roles > realm-management** and add the following Role Mappings to all users or groups that need to query the Keycloak users. + - query-users + - query-groups + - view-users + ## 在 Rancher 中配置 Keycloak 1. 在 Rancher UI 中,单击 **☰ > 用户 & 认证**。 diff --git a/i18n/zh/docusaurus-plugin-content-docs/version-2.9/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md b/i18n/zh/docusaurus-plugin-content-docs/version-2.9/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md index 86dff79d0af7..2ef26659a3fa 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/version-2.9/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md +++ b/i18n/zh/docusaurus-plugin-content-docs/version-2.9/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md @@ -31,6 +31,7 @@ description: 创建 Keycloak OpenID Connect (OIDC) 客户端并配置 Rancher | `Name` | `Groups Mapper` | | `Mapper Type` | `Group Membership` | | `Token Claim Name` | `groups` | + | `Full group path` | `OFF` | | `Add to ID token` | `OFF` | | `Add to access token` | `OFF` | | `Add to user info` | `ON` | @@ -42,6 +43,7 @@ description: 创建 Keycloak OpenID Connect (OIDC) 客户端并配置 Rancher | `Name` | `Client Audience` | | `Mapper Type` | `Audience` | | `Included Client Audience` | <CLIENT_NAME> | + | `Add to ID token` | `OFF` | | `Add to access token` | `ON` | - 使用以下设置创建一个新的 "Groups Path": @@ -52,8 +54,15 @@ description: 创建 Keycloak OpenID Connect (OIDC) 客户端并配置 Rancher | `Mapper Type` | `Group Membership` | | `Token Claim Name` | `full_group_path` | | `Full group path` | `ON` | + | `Add to ID token` | `ON` | + | `Add to access token` | `ON` | | `Add to user info` | `ON` | +- Go to **Role Mappings > Client Roles > realm-management** and add the following Role Mappings to all users or groups that need to query the Keycloak users. + - query-users + - query-groups + - view-users + ## 在 Rancher 中配置 Keycloak 1. 在 Rancher UI 中,单击 **☰ > 用户 & 认证**。 diff --git a/versioned_docs/version-2.6/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md b/versioned_docs/version-2.6/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md index 2a30782e76cd..caec0cd99a32 100644 --- a/versioned_docs/version-2.6/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md +++ b/versioned_docs/version-2.6/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md @@ -35,6 +35,7 @@ If you have an existing configuration using the SAML protocol and want to switch `Name` | `Groups Mapper` `Mapper Type` | `Group Membership` `Token Claim Name` | `groups` + `Full group path` | `OFF` `Add to ID token` | `OFF` `Add to access token` | `OFF` `Add to user info` | `ON` @@ -46,6 +47,7 @@ If you have an existing configuration using the SAML protocol and want to switch `Name` | `Client Audience` `Mapper Type` | `Audience` `Included Client Audience` | <CLIENT_NAME> + `Add to ID token` | `OFF` `Add to access token` | `ON` - Create a new "Groups Path" with the settings below. @@ -56,8 +58,15 @@ If you have an existing configuration using the SAML protocol and want to switch `Mapper Type` | `Group Membership` `Token Claim Name` | `full_group_path` `Full group path` | `ON` + `Add to ID token` | `ON` + `Add to access token` | `ON` `Add to user info` | `ON` +- Go to **Role Mappings > Client Roles > realm-management** and add the following Role Mappings to all users or groups that need to query the Keycloak users. + - query-users + - query-groups + - view-users + ## Configuring Keycloak in Rancher 1. In the Rancher UI, click **☰ > Users & Authentication**. diff --git a/versioned_docs/version-2.7/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md b/versioned_docs/version-2.7/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md index 2a30782e76cd..caec0cd99a32 100644 --- a/versioned_docs/version-2.7/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md +++ b/versioned_docs/version-2.7/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md @@ -35,6 +35,7 @@ If you have an existing configuration using the SAML protocol and want to switch `Name` | `Groups Mapper` `Mapper Type` | `Group Membership` `Token Claim Name` | `groups` + `Full group path` | `OFF` `Add to ID token` | `OFF` `Add to access token` | `OFF` `Add to user info` | `ON` @@ -46,6 +47,7 @@ If you have an existing configuration using the SAML protocol and want to switch `Name` | `Client Audience` `Mapper Type` | `Audience` `Included Client Audience` | <CLIENT_NAME> + `Add to ID token` | `OFF` `Add to access token` | `ON` - Create a new "Groups Path" with the settings below. @@ -56,8 +58,15 @@ If you have an existing configuration using the SAML protocol and want to switch `Mapper Type` | `Group Membership` `Token Claim Name` | `full_group_path` `Full group path` | `ON` + `Add to ID token` | `ON` + `Add to access token` | `ON` `Add to user info` | `ON` +- Go to **Role Mappings > Client Roles > realm-management** and add the following Role Mappings to all users or groups that need to query the Keycloak users. + - query-users + - query-groups + - view-users + ## Configuring Keycloak in Rancher 1. In the Rancher UI, click **☰ > Users & Authentication**. diff --git a/versioned_docs/version-2.8/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md b/versioned_docs/version-2.8/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md index 2a30782e76cd..caec0cd99a32 100644 --- a/versioned_docs/version-2.8/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md +++ b/versioned_docs/version-2.8/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md @@ -35,6 +35,7 @@ If you have an existing configuration using the SAML protocol and want to switch `Name` | `Groups Mapper` `Mapper Type` | `Group Membership` `Token Claim Name` | `groups` + `Full group path` | `OFF` `Add to ID token` | `OFF` `Add to access token` | `OFF` `Add to user info` | `ON` @@ -46,6 +47,7 @@ If you have an existing configuration using the SAML protocol and want to switch `Name` | `Client Audience` `Mapper Type` | `Audience` `Included Client Audience` | <CLIENT_NAME> + `Add to ID token` | `OFF` `Add to access token` | `ON` - Create a new "Groups Path" with the settings below. @@ -56,8 +58,15 @@ If you have an existing configuration using the SAML protocol and want to switch `Mapper Type` | `Group Membership` `Token Claim Name` | `full_group_path` `Full group path` | `ON` + `Add to ID token` | `ON` + `Add to access token` | `ON` `Add to user info` | `ON` +- Go to **Role Mappings > Client Roles > realm-management** and add the following Role Mappings to all users or groups that need to query the Keycloak users. + - query-users + - query-groups + - view-users + ## Configuring Keycloak in Rancher 1. In the Rancher UI, click **☰ > Users & Authentication**. diff --git a/versioned_docs/version-2.9/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md b/versioned_docs/version-2.9/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md index 2a30782e76cd..caec0cd99a32 100644 --- a/versioned_docs/version-2.9/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md +++ b/versioned_docs/version-2.9/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-keycloak-oidc.md @@ -35,6 +35,7 @@ If you have an existing configuration using the SAML protocol and want to switch `Name` | `Groups Mapper` `Mapper Type` | `Group Membership` `Token Claim Name` | `groups` + `Full group path` | `OFF` `Add to ID token` | `OFF` `Add to access token` | `OFF` `Add to user info` | `ON` @@ -46,6 +47,7 @@ If you have an existing configuration using the SAML protocol and want to switch `Name` | `Client Audience` `Mapper Type` | `Audience` `Included Client Audience` | <CLIENT_NAME> + `Add to ID token` | `OFF` `Add to access token` | `ON` - Create a new "Groups Path" with the settings below. @@ -56,8 +58,15 @@ If you have an existing configuration using the SAML protocol and want to switch `Mapper Type` | `Group Membership` `Token Claim Name` | `full_group_path` `Full group path` | `ON` + `Add to ID token` | `ON` + `Add to access token` | `ON` `Add to user info` | `ON` +- Go to **Role Mappings > Client Roles > realm-management** and add the following Role Mappings to all users or groups that need to query the Keycloak users. + - query-users + - query-groups + - view-users + ## Configuring Keycloak in Rancher 1. In the Rancher UI, click **☰ > Users & Authentication**.