Openid connect for single sign-on

Hi
We use keycloak (openid connect tokens ) to single logon in our domain.
I need to be able to connect to Graylog using an existing openid token.
There was a plugin in developement but it seems to have stalled. I looked at the SSO authenticator. plugin but it’s not for this.
Has anyone any idea how I could achieve this?
I’m currently running version 3.3 on ubuntu 20 but moving to version 4 is an option if It presents a solution.
Many thanks
Peter

Hello,

I also have Keycloak and with the new version GL 4.0 were unable to use SSO.
Before upgrading you might want to look at this.
https://docs.graylog.org/en/4.0/pages/upgrade/graylog-4.0.html#sso-authentication-plugin

Were using MS AD for authentication. Graylog does have a HTTP header as shown below.

Maybe in the near future this might happen.
Hope that helps

Hi
Thanks for your reply.
I don’t really understand how the trusted header works. (where it comes from) I Haven’t found any documentation that explains how to create this trusted header. Our GL is behind a nginx reverse proxy so I guess I will need to make some changes here to forward the header but I don’t know how to create it …
Any help would be appreciated
Peter

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.