Zammad - Keycloack OIDC
This document provides a step by step guide to connect Zammad with Keycloak OIDC.
Step 1: Configure your OP
Create a new client in keycloak in the realm that all users of people omni exist.
| Settings | Value |
|---|---|
| Client Type | OpenID Connect |
| Client ID | zammad |
| Client Authentication | Off |
| Authentication flow | Standard flow |
| Valid redirect URIs | https://people-helpdesk.westeurope.cloudapp.azure.com/auth/openid_connect/callback |
| Valid post logout redirect URIs | https://people-helpdesk.westeurope.cloudapp.azure.com/ |
| Web origins | + |
| Backchannel logout URL | https://people-helpdesk.westeurope.cloudapp.azure.com/auth/openid_connect/backchannel_logout |
Step 2: Configure Zammad
Enable OpenID Connect and enter your OP’s details in the Admin Panel under Settings > Security > Third Party Applications > Authentication via OpenID Connect:
| Settings | Value |
|---|---|
| Display Name | People Helpdesk |
| Identifier | zammad |
| Issuer | https://people-helpdesk.westeurope.cloudapp.azure.com:8443/realms/master |
| UID Field | sub |
| Scopes | openid email profile |
| PKCE | yes |
| Your callback URL | https://people-helpdesk.westeurope.cloudapp.azure.com/auth/openid_connect/callback |