Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

OpenID Connect Keycloak SSO config properties unclear

andresvds
New Contributor II
New Contributor II

‎04/03/2023 03:02 AM

Hello everyone!

I am currently trying to configure Open IDC (using Keycloak) Single Sign On. I updated the externalconfig.properties with all the Keycloak information required. You can see my current setup in the screenshot below. I think most properties are defined correctly. But what I dont really understand is the MSOPENID.USERNAMEINJSON property. Should this just be a random account that exists on the Saviynt? I understand the documentation but the example given is with Okta.

If I do a Postman call after restarting my Saviynt application I get that the upn usernameinjson is not found (which is logical because I currently dont understand what to put there). What am I doing wrong here, Am I missing something and what should be in the json username property...

Really appreciate your time and help!

andresvds_0-1680516083261.png

andresvds_1-1680516095769.png

Labels:
0 Kudos
6 REPLIES 6

DixshantValecha
Saviynt Employee
Saviynt Employee

‎04/03/2023 03:37 AM

 

In your externalconfig.properties file, change the value of MSOPENID.USERNAMEINJSON to "preferred_username" and restart your Saviynt application. Then try your Postman call again to see if the issue is resolved.

Please validate and let us know if further details are needed on this.

andresvds
New Contributor II
New Contributor II
In response to DixshantValecha

‎04/03/2023 04:21 AM

Hi, thank for you suggestion. Unfortunately I just tried this and it still returns the same error. -> "ERROR""JSONObject[\"\\\"preferred_username\\\"\"] not found."

0 Kudos

DixshantValecha
Saviynt Employee
Saviynt Employee

‎04/03/2023 04:31 AM

Please let us know if you restarted your Saviynt application after making those changes.

andresvds
New Contributor II
New Contributor II
In response to DixshantValecha

‎04/03/2023 04:32 AM

I did restart the Saviynt application + waited 20 minutes before testing again.

0 Kudos

andresvds
New Contributor II
New Contributor II
In response to DixshantValecha

‎04/03/2023 05:44 AM

After another restart + changing my API url I now get a 200 return, does this mean the SSO should work now? I am still a little bit confused about how I test this, there is also no SSO option on the Saviynt login page, it's just the same username password login page as always, should there be another option?

andresvds_0-1680525830233.png

 

0 Kudos

DixshantValecha
Saviynt Employee
Saviynt Employee

‎04/04/2023 06:57 AM

Please be informed that for detailed information on configuring Single Sign-On (SSO) with OpenID, we would like to refer you to the following document link:- https://docs.saviyntcloud.com/bundle/EIC-Admin-v23x/page/Content/Chapter06-EIC-Configurations/Config....

Kindly review the document and let us know if you require any further details or assistance.

0 Kudos
Copyright © 2024 Khoros, LLC