Hi Hector, I am trying the Keycloak OIDC configuration, which was added pretty recently.
``` [sssd] config_file_version = 2 services = nss, pam domains = domain1 [domain/domain1] idp_type = keycloak:https://keycloak:8443/admin/realms/master/ id_provider = idp # no authentication via sssd # auth_provider = idp auto_private_groups = true use_fully_qualified_names = false debug_level = 9 idp_client_id = myclient idp_client_secret = abcdefghijklmnopq idp_token_endpoint = https://keycloak:8443/realms/master/protocol/openid-connect/token idp_userinfo_endpoint = https://keycloak:8443/realms/master/protocol/openid-connect/userinfo idp_device_auth_endpoint = https://keycloak:8443/realms/master/protocol/openid-connect/auth/device idp_id_scope = profile idp_auth_scope = openid profile email # Important for device flow cache_credentials = false [nss] debug_level = 9 default_shell = /bin/bash override_shell = /bin/bash override_homedir = /home/%u fallback_homedir = /home/%f ``` Is your use case similar or do you link it up with ipa (similar to https://github.com/SSSD/sssd/issues/8022) ? ** Bug watch added: github.com/SSSD/sssd/issues #8022 https://github.com/SSSD/sssd/issues/8022 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2131155 Title: sssd-idp package missing libsss_idp.so To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/2131155/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
