Hello!
Thank you for your answer!
I run docker Keycloak on default setting.
Looks like there no built in scope "groups"
But i can try to add it!
Can you show how it looks like on your side?(scope,mappers and other settings?)
Thank you in advance!
04.01.2021, 16:10, "Tim Worcester" <[email protected]>:
I have seen this issue for Keycloak specifically, can you list your client scopes? It should look something like this:I would make sure that email, groups and profile are in your default client scope. That resolved the issue for me.On Mon, Jan 4, 2021 at 5:23 AM Владислав Львов <[email protected]> wrote:Hello!Thank you for your answer!Is there any workaround?Looks like Gluu allways use state parameter and there is no way to turn it off :(Only thing that i could find is here - https://gluu.org/docs/gluu-server/4.2/api-guide/openid-connect-api/state - false :(03.01.2021, 23:32, "Nick Couchman" <[email protected]>:On Sun, Jan 3, 2021 at 2:38 PM Владислав Львов <[email protected]> wrote:Hello!I need help with OpenIDMy project:I need to provide users with access to remote desktops (RDP) via browser.But I want to use standalone server like Gluu (the one that we are currently using) or even better - Keycloak, so we won't have to use Guacamole for authorization. I tested both of them, the result looks quite the same....Now setup is over. I open browser and try to go to https://guac.homelabI enter login and password and get into the loop as it's shown in the videos:It's possible you're running into this issue:Certain OpenID providers require the "state" parameter, even though the specification for that flow doesn't explicitly call it out.Guacamole logs are attached below or available here: https://dropmefiles.com/d2D95Can you tell me what am I doing wrong?My colleagues suggest that the problem could be in the character #, which is used by Guacamole. Could it be the reason of the issue?No, I don't think the "#" in the URL is causing an issue - I believe it's likely the lack of the state parameter.-Nick--________________Львов Влад
--
________________
Львов Влад
--------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
