Hi folks
I have a Vikunja instance (0.23.0) running in Docker, with a separate MySQL image for the database, and all appears to be running correctly.
I have configured OpenID with Keycloak as the IDM, and I am able to authenticate with Keycloak and have a new account created in Vikunja.
However, when attempting to assign users to teams, nothing appears to be happening in Vikunja. The account logs in, but no teams appear to be created.
I’ve done a packet capture, and can see the request from Vikunja to the IDM requesting the ID token, and I can see that the “vikunjas_groups” claim is being presented as per the documentation. But still teams do not appear to be created. It’s baffling me.
config.yml:
```yaml
openid:
  enabled: true
  redirecturl: https://boards.private/auth/openid/
  providers:
    - name: keycloak
      authurl: https://id.private/realms/NrrdLabs
      logouturl: https://id.private/realms/NrrdLabs/protocol/openid-connect/logout
      clientid: vikunja-boards
      clientsecret: SHUSH
      scope: openid profile email vikunja_scope
local:
  enabled: false
```
id_token (from packet capture):
```json
{
  "exp": 1712778395,
  "iat": 1712778095,
  "auth_time": 1712778095,
  "jti": "9e8b409a-c094-4251-9b47-f9ac1b2dbda4",
  "iss": "https://id.private/realms/NrrdLabs",
  "aud": "vikunja-boards",
  "sub": "7a81ec12-27bf-475a-ae76-c0fae6231c74",
  "typ": "ID",
  "azp": "vikunja-boards",
  "session_state": "d43d1cd5-54d1-4b2a-a8f6-a92b8a89ec99",
  "at_hash": "SB-jpD4v299Hu2m6YeQPCg",
  "acr": "1",
  "sid": "d43d1cd5-54d1-4b2a-a8f6-a92b8a89ec99",
  "email_verified": true,
  "name": "DJ Nrrd",
  "vikunja_groups": [
    {
      "oidcID": "d9f686f4-8731-4238-9adb-856272947256",
      "name": "Bot Wranglers",
      "isPublic": true
    },
    {
      "oidcID": "14f79004-b969-4572-bf83-581fbda630de",
      "name": "Content Editors",
      "isPublic": true
    }
  ],
  "preferred_username": "djnrrd",
  "given_name": "DJ",
  "family_name": "Nrrd",
  "email": "djnrrd@email"
}
```
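A check for the situation described in the post, added here as an example and not part of the original post or of Vikunja's code: it decodes a captured ID token's payload and validates the `vikunja_groups` claim against the shape visible in the capture above (objects with `name` and `oidcID`, optional boolean `isPublic`). The function names and the constructed sample token are assumptions, and the signature is deliberately not verified, so this is for debugging a capture only.

```python
import base64
import json
from difflib import get_close_matches

EXPECTED_CLAIM = "vikunja_groups"  # claim name as it appears in the captured token


def decode_payload(jwt):
    """Decode a compact JWT's payload WITHOUT verifying the signature (debugging only)."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    seg = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(seg))


def check_groups_claim(claims, claim=EXPECTED_CLAIM):
    """Return a list of problems with the groups claim; an empty list means the shape is as expected."""
    if claim not in claims:
        near = get_close_matches(claim, list(claims), n=1, cutoff=0.8)
        hint = f" (similar claim present: {near[0]!r})" if near else ""
        return [f"claim {claim!r} missing{hint}"]
    groups = claims[claim]
    if not isinstance(groups, list):
        return [f"{claim!r} must be a JSON array, got {type(groups).__name__}"]
    problems = []
    for i, entry in enumerate(groups):
        if not isinstance(entry, dict):
            problems.append(f"entry {i}: expected object, got {type(entry).__name__}")
            continue
        for key in ("name", "oidcID"):
            if entry.get(key) in (None, ""):
                problems.append(f"entry {i}: {key!r} missing or empty")
        if not isinstance(entry.get("isPublic", False), bool):
            problems.append(f"entry {i}: 'isPublic' must be a boolean")
    return problems


def make_unsigned_token(claims):
    """Build a constructed, unsigned token so the example runs offline."""
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"


if __name__ == "__main__":
    # Constructed sample: groups serialized as strings instead of objects.
    sample = {"sub": "user-1", "vikunja_groups": ['{"name": "A", "oidcID": "1"}']}
    for problem in check_groups_claim(decode_payload(make_unsigned_token(sample))) or ["ok"]:
        print(problem)
```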