fiwarefiware-orionfiware-wilmafiware-keyrock

Orion APIs authentication through Keycloak


I want to add authentication on my Orion APIs through my Keycloak IdM. I know it is possible to use Orion together Pep Proxy Wilma and Keyrock to do this task, and a possible workaround can be to integrate keyrock with keycloak at this link (7 years ago).

Do you have some news or suggestion about this?

Thank you in advance.


Solution

  • And the kong.yml file is:

    _format_version: "2.1"
    _transform: true
    
    services:
      - host: "orion_ip"
        name: "orion"
        path: "/v2"
        port: 1026
        protocol: http
    
        routes:
          - name: orion
            paths:
              - /orion
            strip_path: true
    
        plugins:
          - name: pep-plugin
            config:
              authorizationendpointtype: Keycloak
              authorizationendpointaddress: https://keycloak_ip
              keycloakrealm: myrealm
              keycloakclientid: clientid
              keycloakclientsecret: clientsecret
              keycloackadditionalclaims:
                "http.fiware-servicepath": "fiware-servicepath"
                "http.fiware-service": "fiware-service"