Configuring nodebb-plugin-fusionauth-oidc settings at runtime

General Discussion
  • We are using nodebb-plugin-fusionauth-oidc to authenticate users through Keycloak OIDC server and it's working perfectly. But we now have users in different realms in Keycloak and thus the authorization endpoints and client secret would be different based on the selected realm. Is it possible to modify the OIDC configuration at runtime based on some query parameters in the URL?

  • @Neeru-Gupta this is something you'd have to take up with the FusionAuth people directly as they maintain the plugin 🙂

  • @Neeru-Gupta We tried using the same plugin,nodebb-plugin-fusionauth-oidc for authenticating through the keycloak provider but While rebuilding & restarting after installing our Nodebb app breaks. We are unable to proceed further. We have to again clone the whole code to get started with.
    Could you please share with me the steps on how you have done & configured it?
    We are using another plugin now as nodebb-plugin-sso-oidc which we are able to install & configure. But we are getting SSL protocol error while trying to login

Suggested Topics

  • 0 Votes
    1 Posts


    I am trying to setup nodebb with haproxy instead of nginx as frontend. Everything seam to be working however I am getting lots of 403 on / requests.

    frontend http-in mode http bind redirect scheme https code 301 if !{ ssl_fc } frontend https-in bind ssl crt /etc/letsencrypt/live/test/test.pem http-response set-header strict-transport-security "max-age=31536000; includeSubDomains" http-response set-header Content-Security-Policy "default-src 'self' wss: https: **; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https:; img-src 'self' data:; font-src 'self' https:" http-response set-header X-XSS-Protection "1; mode=block" http-response set-header X-Content-Type-Options "nosniff" http-response set-header Referrer-Policy "no-referrer" reqadd X-Forwarded-Proto:\ https acl is_websocket hdr(Upgrade) -i WebSocket acl is_websocket path_sub -i / use_backend bk_ws if is_websocket acl acl_comments path_beg -i /comments use_backend comments if acl_comments backend comments mode http balance leastconn timeout connect 1s timeout server 600s timeout queue 600s option redispatch retries 3 acl is_woff capture.req.uri -m sub .woff acl is_ttf capture.req.uri -m sub .ttf acl is_eot capture.req.uri -m sub .eot http-response set-header Cache-Control public if is_eot or is_woff or is_ttf http-response set-header Expires -1 if is_eot or is_woff or is_ttf http-response set-header Pragma cache if is_eot or is_woff or is_ttf cookie nodebb insert indirect nocache secure server node1 cookie nodebb_node1 check inter 1000 fastinter 500 rise 2 fall 1 server node2 cookie nodebb_node2 check inter 1000 fastinter 500 rise 2 fall 1 backend bk_ws option redispatch balance roundrobin option forwardfor option httpclose server node1 maxconn 30000 weight 10 cookie ws_node1 check server node2 maxconn 30000 weight 10 cookie ws_node2 check```

    I have tried to connect directly without haproxy and the websockets are connecting correctly. However I've seen that using the haproxy the websocket protocol changed from wss to https.

    Any suggestions on how to fix this?

  • 0 Votes
    1 Posts

    hello, I got a problem about the plugin-solr,my nodebb is based on Chinese,when I use solr plugin,it does not work,the result is wrong,

  • 0 Votes
    11 Posts

    @julian i remove the fonts of googleapi, it works ok.
    but when I add search Plugin and reindex
    I cann't search also.I got the error upload-f4466513-629c-4ea8-ac41-f50f6013f353

  • 0 Votes
    4 Posts

    Oh yeah just realized reading it again 😛 sorry

    Check out this is you need better hosting 😄

  • 4 Votes
    10 Posts

    @trevor You may have had some on your forum too, i mentioned it in the post to show the people that there was other themes as they all seemed to complain about was the theme here.