Hi everyone, i need help with accessing the keycloak instance , in entando , according to the the documentation , its says i need to query the entando secret and the query the keycloack admin instance using that secret, the details i get dont work when loging in.
querying a secret
kubectl get secrets -n
getting admin details for keycloack instance
kubectl get secret kc-admin-secret -n -o go-template="{{println}}Username: {{.data.username | base64decode}}{{println}}Password: {{.data.password | base64decode}}{{println}}{{println}}"
Any help as to why it doesnt work
please help
Thank you
Hi, @Warington.
You didn’t mention which version of Entando you’re using but if you recently installed Entando you’re likely on Entando 7 and the name of the keycloak admin secret has changed.
ent kubectl get secret default-sso-in-namespace-admin-secret -n entando -o go-template="{{println}}Username: {{.data.username | base64decode}}{{println}}Password: {{.data.password | base64decode}}{{println}}{{println}}"
See https://developer.entando.com/v7.0/docs/consume/identity-management.html for more details.
If that doesn’t work please provide more information about your instance (Entando version, k8s version, etc.) as well as the output of the commands.
Cheers,
Nathan
hi @nathan.shaw Thanks for your response
I am currently using entando 7 , I also used the same documentation you shared.
Unfortunately I am still facing the same problem.
I have attached some images I hope it helps with the analysis.
Thank you
Warington
Hi, @Warington
All of that looks good but I have one more question. Could you please confirm you’re using the Keycloak ingress endpoint (it should end in /auth)? That entando_keycloak_admin user will only work in the Keycloak UI, not in Entando App Builder or App Engine. You should see the Keycloak/SSO landing page before the login screen if you’re hitting Keycloak.
Cheers,
Nathan
hi @nathan.shaw thanks for the feedback , can you please provide me documantation on how to set up keycloak for entando .
Hi there,
@Warington not sure if you fixed your issue but there is how I access my Keycloak UI installed with Entando:
1/ Get the username and password
ent kubectl get secret default-sso-in-namespace-admin-secret -n entando -o go-template="{{println}}Username: {{.data.username | base64decode}}{{println}}Password: {{.data.password | base64decode}}{{println}}{{println}}"
I think you have already done that. Let’s say from your example its:
username: entando_keycloak_admin
password: c77b07…
2/ Access to the keycloak UI
The keycloak installed with Entando is available on the same URL as the App Builder but the final path is different:
/auth instead of /app.
For my local environment, that means I have the following URLs
Of course, regarding your environment, the base URL should be different. This example is taken from a “Quickstart” installation, with the Ent CLI.
One important thing, is to access both app builder and Keycloak you need to log in and the form looks the same.
To access the App Builder you can use the default admin/adminadmin account but for keycloak you have to retrieve the credentials from step one above.
I hope my answer can help you.
Let me know if it solves your issue.
Anthony
hi @a.viard yes i managed to fix the problem
