javascript firebase firebase-authentication google-identity-toolkit

Firebase web client and OIDC Provider issues


I have configured an OIDC provider (linked to a Keycloak OIDC provider) in Google Identity Platform console. This is the code in my single page app:

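// Provider ID as configured in the Identity Platform console
const provider = new firebase.auth.OAuthProvider('oidc.keycloak');
// firebaseAuth is the injected AngularFireAuth instance
firebaseAuth.auth.signInWithPopup(provider)
  .then(value => {
    log.info('It worked!', value);
  })
  .catch(err => {
    log.info('Something went wrong:', err);
  });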

The popup window appears and I can login to Keycloak, but after the popup disappears the following error is thrown in the browser:

{code: "auth/admin-restricted-operation", message: "This operation is restricted to administrators only."}

I am using the latest versions of Firebase Client SDK and AngularFire2 and I have successfully configured Email/Password authentication. In Google Identity Platform I have:

Issuer (URL):

https://auth.example.com/auth/realms/myrealm

and Callback URL:

https://myapp-12345.firebaseapp.com/__/auth/handler

Is there an additional configuration in the client side that I need to do? Could the issue be with the OIDC provider (Keycloak) and its configuration?


Solution

  • It seems that you disabled user signup from the client SDK in your Google Cloud Identity Platform settings (in the Google Cloud Console). This is in the Settings section under User actions. The checkbox Enable create (sign-up) should be checked.
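The following sketch is an added example, not part of the question or the answer. It wraps the same `signInWithPopup` call so that the `auth/admin-restricted-operation` code is reported as a project setting problem rather than a generic failure, and so that only non-secret fields of the sign-in result are kept for logging. The helper names (`summarizeCredential`, `classifySignInError`, `signInWithOidc`) are hypothetical, and the code assumes the namespaced (v8-style) API used in the question.

```javascript
// Added example; helper names are hypothetical, not Firebase APIs.
const SIGNUP_DISABLED = 'auth/admin-restricted-operation';
const CANCELLED = ['auth/popup-closed-by-user', 'auth/cancelled-popup-request'];

// Keep only non-secret fields. The raw UserCredential also carries the
// provider's OAuth credential, which should not end up in application logs.
function summarizeCredential(cred) {
  const info = cred.additionalUserInfo || {};
  return {
    uid: cred.user.uid,
    providerId: info.providerId || null,
    isNewUser: info.isNewUser === true,
  };
}

// Turn a rejected sign-in into something an operator can act on.
function classifySignInError(err) {
  const code = err && typeof err.code === 'string' ? err.code : 'unknown';
  if (code === SIGNUP_DISABLED) {
    return {
      code,
      kind: 'signup-disabled',
      retryable: false,
      hint: 'The IdP login succeeded, but the project blocks client-side ' +
            'sign-up. Check Settings > User actions > Enable create (sign-up).',
    };
  }
  if (CANCELLED.includes(code)) {
    return { code, kind: 'user-cancelled', retryable: true,
             hint: 'The popup was closed or replaced before completion.' };
  }
  return { code, kind: 'other', retryable: false,
           hint: 'See the Firebase Auth error code for details.' };
}

// `auth` is anything exposing signInWithPopup(provider), for example the
// object the question reaches through firebaseAuth.auth.
async function signInWithOidc(auth, provider) {
  try {
    const cred = await auth.signInWithPopup(provider);
    return { ok: true, user: summarizeCredential(cred) };
  } catch (err) {
    return { ok: false, error: classifySignInError(err) };
  }
}
```

Enabling sign-up means every identity the Keycloak realm lets through gets a Firebase user on first login, so access control then rests on the realm and on your backend rules.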