feat: keycloak (WIP) #817
feat: keycloak (WIP) #817
Conversation
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
|
| GitGuardian id | GitGuardian status | Secret | Commit | Filename | |
|---|---|---|---|---|---|
| 9519583 | Triggered | Username Password | a853330 | keycloak/docker-compose.yaml | View secret |
🛠 Guidelines to remediate hardcoded secrets
- Understand the implications of revoking this secret by investigating where it is used in your code.
- Replace and store your secret safely. Learn here the best practices.
- Revoke and rotate this secret.
- If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.
To avoid such incidents in the future consider
- following these best practices for managing and storing secrets including API keys and other credentials
- install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
Our GitHub checks need improvements? Share your feedbacks!
|
Closing until we further get to this |
|
@talboren Hi, why is this closed? Thanks |
Closed until we get more time to work on this integration |
|
@lukasmrtvy any context on why you interested in Keycloak? |
|
Is there a timeline of when Keycloak (or generic oidc) will be integrated to Keephq?? We have a centralized login system for all our application using Keycloak and it'll be a great help if we can get this up too. I will also be more than happy to assist you in developing this feature. |
|
@Shah-Panam I suggested a much easier implementation here #1203, but seems there is no progress so far. @shahargl friendly ping |
|
hey @Shah-Panam, @lukasmrtvy , as per @lukasmrtvy said, we discussed the option to support oauth2-proxy. It makes sense; maybe I'll prioritize it to push it this week or so. However, as I see it, it is pretty different from Keycloak since Keycloak gives much more power to Keep. For example, a user will be able to configure its IdP (e.g. okta) directly from Keep, or to later support group roles etc. (anyway, any contributions are welcome here and I'll be more than happy to help with the implementation) |
|
Hey @lukasmrtvy @shahargl , Any of the solution works for us. We can easily integrate keycloak with Oauth2-Proxy (we already have some services deployed that way). But as @shahargl said, giving option to configure openid connectors like Keycloak directly will give far more control over the authentication and authorization. Also, being able to integrate multiple Identity Providers will be an added benefit. I am mainly a DevOps engineer, but I will go through the code and see where I can help out! |
|
Hey @shahargl , Friendly ping. Is there any timeline on this? |
|
Hey @Shah-Panam, @lukasmrtvy, We're working on making this happen ASAP, but there are a few other items with higher priority right now. Looking forward to chatting! |
No description provided.