diff options
Diffstat (limited to 'doc/source/howtos/openid-with-keycloak.rst')
| -rw-r--r-- | doc/source/howtos/openid-with-keycloak.rst | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/doc/source/howtos/openid-with-keycloak.rst b/doc/source/howtos/openid-with-keycloak.rst index 74d3a27c0..7fb258fea 100644 --- a/doc/source/howtos/openid-with-keycloak.rst +++ b/doc/source/howtos/openid-with-keycloak.rst @@ -73,6 +73,19 @@ Finally, go back to the clients list and pick the ``zuul`` client again. Click on ``Client Scopes``, and add the ``zuul_aud`` scope to the ``Assigned Default Client Scopes``. +Configuring JWT signing algorithms +.................................. + +.. note:: + + Skip this step if you are using a keycloak version prior to 18.0. + +Due to current limitations with the pyJWT library, Zuul does not support every default +signing algorithm used by Keycloak. + +Go to `my_realm->Settings->Keys`, then choose `rsa-enc-generated` (this should be mapped +to "RSA-OAEP") if available. Then set `enabled` to false and save your changes. + (Optional) Set up a social identity provider ............................................ |