ENABLE_OAUTH = True
# required in my case, my reverse proxy is a dedicated machine and seahub runs on 0.0.0.0:8080
OAUTH_ENABLE_INSECURE_TRANSPORT = True
OAUTH_CLIENT_ID = "YYYYY"
OAUTH_CLIENT_SECRET = "XXXXXXXXXXXXXXXXXXXXXX"
OAUTH_REDIRECT_URL = 'https://sync.domain.tld/oauth/callback/'
OAUTH_PROVIDER_DOMAIN = 'login.domain.tld'
OAUTH_AUTHORIZATION_URL = 'https://login.domain.tld/auth/realms/<Realm>/protocol/openid-connect/auth'
OAUTH_TOKEN_URL = 'https://login.domain.tld/auth/realms/<Realm>/protocol/openid-connect/token'
OAUTH_USER_INFO_URL = 'https://login.domain.tld/auth/realms/<Realm>/protocol/openid-connect/userinfo'
OAUTH_SCOPE = ["profile","email","name"]
OAUTH_ATTRIBUTE_MAP = {
"email": (True, "email"),
"id": (False, "email"),
"name": (False, "name")
}
In Keycloak i created a new client scope, “name” which contains the full name for the user.
Profile and email are in there by default, profile could/can be removed afaik.
Hey! Thank you very much for your reply. I have tried your solution but I am still getting the same error. Maybe it is something to do with my Keycloak setup. I was wondering if you would be able to share a bit more information on that side of things?