Does NodeBB provide support for a user database other than the one it builds in mongo? How would I integrate NodeBB with Keycloak?

David Sargrad

Hi again.. I just realized that the two client protocols supported by Keycloak are SAML, and OpenID Connect.

Not sure the OAuth2 plugin that you pointed me to aligns with either of these protocols... Thoughts?

julian

@David-Sargrad OIDC connect is OAuth2, so yes

There may be differences, but I'm talking in general

The plugin also supports the discovery URL, so just paste the provider domain and the plugin might even auto populated some of the other fields

julian

Once the plugin is active you'll need to configure the provider in the plugin settings

David Sargrad

I see.. the plugin settings within the ACL?

David Sargrad

As an aside, i can set breakpoints in nodebb.. if it helps in verfiying function..

David Sargrad

Trying to figure out where I can set the provider settings.. Interestingly I see a "Multiple OAuth2" option under Social Authentication. But when I click on it, it doesnt give me options to set.

David Sargrad

julian

Looks like you may need to run ./nodebb build

nhl.pl

One of the screenshots shows Node.js 16 in use and Node.js 18 or 20 is required.
https://community.nodebb.org/topic/17723/nodebb-3-6-0-minimum-nodejs-version

David Sargrad

hmm.. ok.. ty

David Sargrad

nodebb build now gives me an options menu

David Sargrad

do i really need to migrate to node 18 or 20.. it seems that things are working

julian

Some of our dependencies might require a newer version but most of NodeBB should work. Image resizing might not...

David Sargrad

ty.. at some point we will absolutely move to 18 or 20.. but im hoping to make progress with 16 for now.

David Sargrad

so it seems like i can define a provider now.. Not sure how to set this. I'll consult with some guys internally to see what i can learn about an "OAuth2 endpoint" exposed by Keycloak.

David Sargrad

Do I need full URL's in the following?

Are fields like the authorization url required? Is the client secret required? We do have a client id that has a secret.

What looks wrong in the following? I get an "invalid data" message when I attempt to confirm.

David Sargrad

Do I need full URL's in the following?

Are fields like the authorization url required? Is the client secret required? We do have a client id that has a secret.

What looks wrong in the following? I get an "invalid data" message when I attempt to confirm.

Apparently the client secret is required.

David Sargrad

I was able to get to the Keycloak login prompt:

However the following failure occurs when I login.

Currently using this configuration:

Looking in keycloak, it did create a session for that login

julian

What's the username of the user you're trying to log into? Sounds like there may be some incompatible characters.

David Sargrad

The username is "dave1".. the email is a fake email: [email protected]