Keycloak

WunderGraph relies on OpenID Connect (OIDC) Identity Providers to be able to authenticate users.

Open your project's wundergraph.config.ts and scroll down to the authentication object. Inside the nested cookieBased object is a nested array object called providers. Inside this array, add an openIDConnect auth provider as shown below:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
// wundergraph.config.ts
authentication: {
  cookieBased: {
    providers: [
      authProviders.openIDConnect({
        id: 'keycloak', // you have to choose this ID
        issuer: 'XXX',
        clientId: 'XXX',
        clientSecret: 'XXX',
      }),
    ];
  }
  // ...
}

You must supply an object inside the auth provider that contains three properties, three of which come from your Keycloak provider.

  • id: your choice of unique id that identifies the provider (used to refer elsewhere to this specific provider)
  • issuer: the issuer provided by your Keycloak provider
  • clientId: the client ID provided by your Keycloak provider
  • clientSecret: the client secret provided by your Keycloak provider

Consider storing your IDs and secrets inside a .env file.

Running Keycloak

You can follow this example project if you need help running Keycloak.

Previous
Auth0
Next
GitHub

Was this article helpful to you?
Provide feedback

Edit this page