Node-RED authentication using Keycloak

Hi!
I keep getting 401 (Unauthorized) when trying to log in to Node-RED using Keycloak. Has anyone else encountered this?

How have you got it configured?

That error tells us it has failed to communicate with your Keycloak server. Are you running Keycloak on the same machine as Node-RED? Is it running in Docker or anything else relevant like that?

The setup is in Kubernetes managed by Rancher. Node-RED and Keycloak are running in separate containers within the same Kubernetes cluster.

I got it configured in the settings file like this:

adminAuth: {
    type: "strategy",
    strategy: {
        name: "Keycloak",
        label: 'Authenticate with Keycloak',
        icon: "fa-lock",
        strategy: require("@exlinc/keycloak-passport"),
        options: {
            authorizationURL: "https://127.0.0.1:8443/realms/test-realm/protocol/openid-connect/auth",
            tokenURL: "https://127.0.0.1:8443/realms/test-realm/protocol/openid-connect/token",
            userInfoURL: "https://127.0.0.1:8443/realms/test-realm/protocol/openid-connect/userinfo",
            host: "http://localhost:1880",
            realm: "test-realm",
            clientID: "nodered",
            clientSecret: "****************",
            callbackURL: "/auth/strategy/callback",
            verify: function (accessToken, refreshToken, profile, done) {
                done(null, profile);
            }
        }
    },
    users: [{ username: "lisa", permissions: ["*"] }]
},

Keycloak client config:

If they are running in separate containers, then you need to use the external IP of Keycloak rather than 127.0.0.1 in your Node-RED configuration.
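
A check for the problem described in the reply above, as an added example that is not from the thread or from Node-RED: it flags strategy endpoints whose host is a loopback address and says which party would be connecting to it. The function names and the hostname `keycloak.example.test` are assumptions made for the example.

```javascript
// Added example: find loopback hosts in a Node-RED adminAuth strategy's options.

// Which party opens each URL during the OAuth2 authorization-code flow.
const ENDPOINTS = {
  authorizationURL: "browser",     // front channel: the user's browser is redirected here
  tokenURL: "node-red server",     // back channel: Node-RED exchanges the code here
  userInfoURL: "node-red server",  // back channel: Node-RED fetches the profile here
};

// URL.hostname is already normalised: dotted-quad IPv4, bracketed compressed IPv6.
function isLoopback(hostname) {
  const h = hostname.toLowerCase();
  return h === "localhost" || h.endsWith(".localhost") ||
         /^127\.\d+\.\d+\.\d+$/.test(h) || h === "[::1]";
}

// Returns one finding per endpoint that is malformed or points at a loopback host.
function findLoopbackEndpoints(options) {
  const findings = [];
  for (const [key, caller] of Object.entries(ENDPOINTS)) {
    if (!options[key]) continue;
    let url;
    try {
      url = new URL(options[key]);
    } catch {
      findings.push({ key, caller, problem: "not a valid absolute URL" });
      continue;
    }
    if (isLoopback(url.hostname)) {
      findings.push({ key, caller, problem: `${url.hostname} is local to the ${caller}` });
    }
  }
  return findings;
}

// Endpoint values as posted in the thread.
const base = "https://127.0.0.1:8443/realms/test-realm/protocol/openid-connect";
const asPosted = { authorizationURL: `${base}/auth`, tokenURL: `${base}/token`, userInfoURL: `${base}/userinfo` };

// Constructed placeholder host, not from the thread.
const fixedBase = "https://keycloak.example.test:8443/realms/test-realm/protocol/openid-connect";
const corrected = { authorizationURL: `${fixedBase}/auth`, tokenURL: `${fixedBase}/token`, userInfoURL: `${fixedBase}/userinfo` };

for (const f of findLoopbackEndpoints(asPosted)) console.log(`${f.key}: ${f.problem}`);
```

Inside a container, a loopback `tokenURL` or `userInfoURL` points Node-RED at its own container rather than at Keycloak, which is the situation the reply describes.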
