TPI.devCommunityGithubLinkedIn

Creating a Client in digiRunner and Connecting to Keycloak via GTW OAuth 2.0 IdP

This section explains how to create a client in digiRunner and configure it to integrate with Keycloak using the GTW OAuth 2.0 IdP mechanism. This setup enables secure API access through OpenID Connect (OIDC).

Creating an API Client in digiRunner

  1. Log in to the digiRunner Admin Console, and go to Client Management > API Client to access the client management page.

  2. Click Create to access the client creation page, and fill in the fields as instructed below:

  • Client name: Enter a meaningful name to identify the client.

  • Display name and Client ID (username): It is recommended to keep these values consistent with the Client name for easier management.

  • Password and Confirm password: Enter and confirm a password for the client.

  • Note: Optional. Add any remarks or labels for reference.

  • Status: Set to Active to enable the client.

  • API Audience: Keep the default setting unless customization is required.

  1. Click Create to complete the client creation.

Configuring the Redirect URI for Postman Testing

  1. Once the client is created, return to the API Client list.

  2. Locate the newly created client and click on the (Security) icon to access security settings.

  1. In the Default Redirect URI field, enter the following URL: https://oauth.pstmn.io/v1/callback. This is Postman’s default callback URL for receiving authorization responses.

  2. Click Update to apply the changes.

Configuring the GTW OAuth 2.0 IdP for Keycloak Integration

  1. First, go to Client Management > GTW OAuth 2.0 IdP to access the IDP management page.

  2. Select the corresponding client and click on the (Details) icon to view the IDP integration settings.

  1. Click Create to access the integration configuration page, and fill in the fields as instructed below:

  • Enable: Set to Y to activate the IDP integration.

  • Type: Select OIDC (OpenID Connect) from the drop-down menu.

  • IdP Client ID: Enter the Client ID previously configured in Keycloak.

  • IdP Client Name: Optional. Enter a meaningful name to identify the IdP integration.

  • IdP Client Secret: Enter the Client Secret copied from Keycloak.

  • dgR Callback URL: Enter the following callback URL for digiRunner, the callback endpoint where digiRunner receives the authorization response: https://{{ip}}:{{port}}/dgrv4/ssotoken/gtwidp/OIDC/gtwIdPCallback

  • IdP Well Known URL: Enter the Well-Known URL of Keycloak, the URL used to automatically discover the OpenID configuration: http://{{ip}}:{{port}}/realms/D5SIT/.well-known/openid-configuration

  • IdP Scope: Enter the following scopes: openid email profile, the scope required to retrieve basic user information during authentication.

  1. Once all fields are configured, click Create to complete the IdP integration setup.

PreviousConfiguring Keycloak Client with PKCE and Registering a UserNextObtaining an Access Token via Postman Using OAuth 2.0

Last updated

Was this helpful?