Keycloak as OpenId provider

(Ahammi) #1

Dear all,

I am working on DHIS2 integration with Keycloak ( The idea is to delegate the user authentication from dhis2 to keycloak. I found that we can configure dhis2 to do that by enabling the openid support ( However, it doesn’t work.
Here are what I did :
1- Within Keycloak: I created openid client called dhis2:

2- Withi dhis2 : I filled the OpenID provider and Label fields to refer to keycloak :

I tried many URLs :

  1. I created new user in dhis2 (I also created a user with the same name in keycloak) and I filled the openid :

When I open dhis2 login page, I got new added button, but when I click I am forwarded to the login page again:

I looked into the dhis log file and every time I click on the button, this error message appears:

_ERROR 2019-02-06 11:35:52,953 Association attempt, but no discovery endpoints provided. ( [http-bio-8081-exec-9])

Do you have any idea about that issue ? it looks like the openid provider url is not good, however I am wondering what we should put exactly on these fields:
OpenId provider under Access and OpenId under user ?
Many thanks in advance.