- GoCD server version v17.5.0 or above
- Keycloak API documentation
Copy the file build/libs/keycloak-oauth-authorization-plugin-VERSION.jar to the GoCD server under ${GO_SERVER_DIR}/plugins/external
and restart the server. The GO_SERVER_DIR is usually /var/lib/go-server on Linux and C:\Program Files\Go Server
on Windows.
Provide details of the Keycloak server to connect to via an Authorization Configuration.
- Sign in Keycloak Console
- Select the realm that you want to configure. Ex. Master
- Click in Clients menu
- Click Add button
- On the form insert the client name
- On the next page, set these configs:
- In Access Type select Confidential
- In Valid Redirect URIs insert the URL of GoCD, ex.: http://localhost:8153
- In Credentials tab copy value of Secret
- Sign in Keycloak Console
- Select the realm that you want to configure. Ex. Master
- Click in Groups menu
- Click Add Group button
- Insert the name of Group and the description
- Save the Group
- Select the user that you want to configure this role
- Select Groups tab and select the group in Available Groups
Obs.: By default Keycloak do not provide group definition on user session, to get this, edit profile scope and add groups in Mappers tab, the scope needs to be added as builtin.