Keycloak OIDCΒ #4525
Description
First off, thank you so much for your work!
I am trying to configure cozy-stack with Keycloak.
Looking at the OIDC documentation, I have this block:
authentication:
keycloak:
disable_password_authentication: true
oidc:
client_id: cozy
client_secret: secret-goes-here
scope: openid profile
login_domain: cozy.domain.com
redirect_uri: https://cozy.domain.com/oidc/redirect
authorize_url: https://auth.domain.com/realms/realmname/protocol/openid-connect/auth
token_url: https://auth.domain.com/realms/realmname/protocol/openid-connect/token
userinfo_url: https://auth.domain.com/realms/realmname/protocol/openid-connect/userinfo
userinfo_instance_field: preferred_username
allow_custom_instance: false
allow_oauth_token: false
id_token_jwk_url: https://auth.domain.com/realms/realmname/protocol/openid-connect/certs
I understand that cozy allows multi-tenancy/multiple instances in one server.
I only intend on running one domain.
Is there a way to bypass the userinfo_instance_field setting so I just point to cozy.domain.com instead of a numbered setup?