
SSO with OpenID Connect functionality questions

andresvds
New Contributor II

Hi all,

I have a few questions about the implementation of OpenID Connect in Saviynt. I configured OpenID Connect just like the documentation (except that, instead of using Okta or Azure AD, I am using Keycloak). There are still a few unclear points that I don't understand:

1. Where can I see more login logs? I now always look for logs in Admin Function -> Application logs, but the only logs there that have something to do with the SSO are these (see screenshot), no errors or warnings...

andresvds_0-1680850540415.png

2. How does Saviynt connect with the Keycloak instance? I assume there should be a redirect when restarting the application? The external login process on Saviynt isn't mentioned in the documentation anywhere.

3. I have already configured SSO / Keycloak on other software, and most of the time I have to pass my client secret in my config files as well. This isn't the case in the documentation example of the externalconfig.properties file. Can this work without an IDP secret, or do I have to add something like msopenid.clientsecret too?

4. In other software where I used SSO / Keycloak, there always had to be a matching user in the users database as well (so the IDP could match the Keycloak user with a user in Saviynt). Is this the case here as well? Or can the SSO create a new Saviynt user automatically?

I feel like we're very close, but the main problem is a lack of logs, no errors and no redirect.

Any help is much appreciated!!

Here is my configuration file:

andresvds_1-1680850884587.png

 


Rishi
Saviynt Employee

@andresvds we are reviewing this question internally and will provide more detailed information in a couple of days. Thanks for your patience.

Rishi
Saviynt Employee

@andresvds thanks for your patience. Saviynt does not support SSO using OpenID Connect; the only option is to use SAML. The documentation is referring to Saviynt Mobile app integration, which uses OpenID Connect. The documentation team has been notified and is updating the document to clarify it.

In case you need more information on how SAML can be used to perform SSO, let us know, or you can also follow this document for SAML-based SSO integration:

For v23.2 or earlier versions: https://docs.saviyntcloud.com/bundle/EIC-Admin-v23x/page/Content/Chapter06-EIC-Configurations/Config...

For v23.3: https://docs.saviyntcloud.com/bundle/EIC-Admin-v23x/page/Content/Chapter06-EIC-Configurations/Config...