
    Guide for Magento 2 Keycloak (SSO) Login

    Updated 5 May 2023

    Magento 2 Keycloak (SSO) Login allows the users to log in to the Magento 2 store in a single click with their Keycloak account. It enables the Magento 2 store admin to allow its users to enter the credentials only one time.

    The module makes it easy for Magento 2 website users to sign in with their Keycloak account.

    Keycloak- Keycloak is an open-source software solution that enables single sign-on with Identity and Access Management for modern applications and services.

    Moreover, it offers multiple features such as Single-Sign-On (SSO), Identity Brokering and Social Login, User Federation, Client Adapters, an Admin Console, and an Account Management Console.


    Features- Magento 2 Keycloak (SSO) Login

    • The customers can log in with their Keycloak account with a single click.
    • The customers have to enter their Keycloak credentials only one time at the time of login.
    • The customer can create their Magento 2 account with a single click.
    • The users need to enter the username and password of their Keycloak account only one time.

    Install an Extension from Webkul Store

    #1 Download Module

    Firstly, you need to log in to Webkul Store, go to My Account>My Purchased Products section, verify and then download and extract the contents of this zip folder on the system.

    #2 Upload Folder

    Once the module zip is extracted, follow the path src>app and then copy the app folder into the Adobe Commerce Cloud root directory on the server.

    #3 Run Commands

    After uploading the module folder, you need to run the following commands in the Magento 2 root directory:

    php bin/magento setup:upgrade
    php bin/magento setup:di:compile
    php bin/magento setup:static-content:deploy
    php bin/magento indexer:reindex
    php bin/magento cache:flush

    To install and configure Keycloak on Ubuntu, follow these steps:

    Step 1: Update the system.

    apt-get update

    Step 2: Install Java.

    apt-get install default-jdk
    • Check the Java version.
    java -version

    Step 3: Download and install Keycloak.

    cd /opt/
    wget https://github.com/keycloak/keycloak/releases/download/15.0.2/keycloak-15.0.2.tar.gz
    • Extract the folder that you downloaded.
    tar -xvf keycloak-15.0.2.tar.gz
    • Rename the extracted directory.
    mv keycloak-15.0.2 keycloak
    • Create a user and group.
    groupadd keycloak
    useradd -r -g keycloak -d /opt/keycloak -s /sbin/nologin keycloak
    • Give ownership of the directory to the keycloak user.
    chown -R keycloak: /opt/keycloak
    chmod o+x /opt/keycloak/bin/

    Step 4: Configure Keycloak.

    cd /etc/
    mkdir keycloak
    • Copy the configuration files listed below.
    cp /opt/keycloak/docs/contrib/scripts/systemd/wildfly.conf /etc/keycloak/keycloak.conf
    cp /opt/keycloak/docs/contrib/scripts/systemd/launch.sh /opt/keycloak/bin/
    • Provide the ownership permission.
    chown keycloak: /opt/keycloak/bin/launch.sh
    • Open the launch.sh configuration file.
    vim /opt/keycloak/bin/launch.sh
    • Edit the following line:
    WILDFLY_HOME="/opt/keycloak"
    • Save the file.

    Step 5: Create a systemd service file.

    • Copy the file.
    cp /opt/keycloak/docs/contrib/scripts/systemd/wildfly.service /etc/systemd/system/keycloak.service
    • Open the keycloak.service file.
    vim /etc/systemd/system/keycloak.service
    • Update and edit the following lines
    [Unit]
    Description=The Keycloak Server
    After=syslog.target network.target
    Before=httpd.service

    [Service]
    Environment=LAUNCH_JBOSS_IN_BACKGROUND=1
    EnvironmentFile=/etc/keycloak/keycloak.conf
    User=keycloak
    Group=keycloak
    LimitNOFILE=102642
    PIDFile=/var/run/keycloak/keycloak.pid
    ExecStart=/opt/keycloak/bin/launch.sh $WILDFLY_MODE $WILDFLY_CONFIG $WILDFLY_BIND
    StandardOutput=null

    [Install]
    WantedBy=multi-user.target
    • Reload, enable, and launch the keycloak service.
    systemctl daemon-reload
    systemctl enable keycloak
    systemctl start keycloak
    • Check the status of Keycloak.
    systemctl status keycloak
    • Examine the Keycloak server log.
    tail -f /opt/keycloak/standalone/log/server.log

    Step 6: Create an admin user for Keycloak.

    /opt/keycloak/bin/add-user-keycloak.sh -u admin
    • Set the password.
    • Restart the Keycloak service.
    systemctl restart keycloak
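    • To disable the HTTPS requirement for Keycloak, first log in with kcadm.sh:
    /opt/keycloak/bin/kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin
    • Enter the admin password when prompted.
    • Run the next command to disable HTTPS. It sets sslRequired to NONE on the master realm, so HTTPS is no longer required for any client IP address.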
    /opt/keycloak/bin/kcadm.sh update realms/master -s sslRequired=NONE

    Step 7: Open the Keycloak web interface.

    http://server-ip:8080
    • Launch the Login web interface.
    http://server-ip:8080/auth/admin
    • Give your username and password.
    • Simply click Sign In.
    • Keycloak is now ready.

    Keycloak Account Settings – Magento 2 Keycloak (SSO) Login

    The user has to enter a username or email and password for keycloak registration.

    A successful login to Keycloak takes us to the Keycloak console and opens the Master realm by default. We’ll concentrate on making a custom realm here.

    To add a client, navigate to the Clients area of your Keycloak admin console and click the Create button.

    Then configure the following settings.

    Add Client

    Import- Select the file which you want to import.

    Client ID- Enter the client ID here (required).

    Client Protocol- After that, select the client protocol from the dropdown list.

    Root URL- Enter the root URL of the Magento 2 homepage here.

    Now, click on the Save button to add a client.


    Add Users

    Here, we add users to Keycloak. To add a new user, navigate to the Users page and select the Add user button on the far right of the screen.

    Fill out the form by entering your email address, first and last name, and then click the Save button.

    Note: A CORS issue occurs when Keycloak and Magento 2 are on different servers. To resolve this issue, the user has to enter the client URLs or an asterisk (*) in the Valid Redirect URL and Web Origin settings of the Keycloak client. The client URLs limit redirects and cross-origin requests to the Magento 2 store, while an asterisk places no restriction on them.
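
A check for the two relaxed settings this guide mentions, sslRequired=NONE on the realm and an asterisk in Valid Redirect URL / Web Origin, run over a realm export. This is an added example, not code from the Webkul module or the original guide; the realm name, client IDs and URLs in the sample are constructed, and the field names (sslRequired, redirectUris, webOrigins) are those of Keycloak's realm export JSON.

```python
import json
from urllib.parse import urlsplit

# Constructed sample shaped like a Keycloak realm export; all names are hypothetical.
SAMPLE_REALM = json.loads("""
{
  "realm": "magento-store",
  "sslRequired": "none",
  "clients": [
    {"clientId": "magento2",
     "redirectUris": ["*"], "webOrigins": ["*"]},
    {"clientId": "magento2-strict",
     "redirectUris": ["https://shop.example.com/*"],
     "webOrigins": ["https://shop.example.com"]}
  ]
}
""")

LOOPBACK = {"localhost", "127.0.0.1", "::1"}


def redirect_problem(uri):
    """Return why a redirect URI is too broad, or None if it is acceptable."""
    parts = urlsplit(uri)
    if uri.strip() == "*" or "*" in parts.netloc:
        return "wildcard is not tied to one host"
    if parts.scheme == "http" and parts.hostname not in LOOPBACK:
        return "plain HTTP redirect target"
    return None


def audit_realm(realm):
    """Return (scope, field, detail) tuples for each relaxed setting found."""
    findings = []
    # Keycloak's default for sslRequired is "external"; "none" turns the check off.
    if str(realm.get("sslRequired", "external")).lower() == "none":
        findings.append((realm.get("realm", "?"), "sslRequired", "none"))
    for client in realm.get("clients", []):
        cid = client.get("clientId", "?")
        for uri in client.get("redirectUris", []):
            why = redirect_problem(uri)
            if why:
                findings.append((cid, "redirectUris", f"{uri}: {why}"))
        if "*" in client.get("webOrigins", []):
            findings.append((cid, "webOrigins", "*: any origin may make CORS requests"))
    return findings


if __name__ == "__main__":
    for scope, field, detail in audit_realm(SAMPLE_REALM):
        print(f"[{scope}] {field} -> {detail}")
```

The second client in the sample shows the alternative from the note: the store's own URL in both fields, which resolves the CORS issue without the asterisk.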


    Admin Configurations-Magento 2 Keycloak (SSO) Login

    To configure the Keycloak module, the admin has to navigate through Stores>Configurations>Keycloak Connector>Keycloak Configuration.

    Here, the admin will make the following settings:

    Enable Keycloak- Enable the status of the module by selecting Yes.

    Realm- Enter the realm name here.

    SSL Required- Ensures that all communication to and from the Keycloak server is over HTTPS.

    Auth Server URL- The admin will enter the same Auth Server URL as in the Keycloak account.

    Public Client- If set to Yes, the adapter will not send credentials for the client to Keycloak.

    Confidential Port- The confidential port used by the Keycloak server for safe SSL/TLS connections.

    URL- Here, the store admin will enter the URL of the keycloak.

    Client ID- The admin will enter the client ID which is created in the Keycloak account.

    Customer End Workflow- Magento 2 Keycloak (SSO) Login

    The customers can sign in with their Keycloak account to the Magento 2 store with the button present right below the Sign In button. This is the Keycloak SSO feature.

    Also, you can check the Magento 2 Azure AD SSO login extension that allows the users to log into the Magento 2 store using their Azure AD credentials.

    Clicking the button redirects to Keycloak, where the customer enters their Keycloak credentials and is then signed in to the Magento 2 store.

    If you already have a Keycloak account and are logged in, you will be instantly signed in to the Magento 2 store with the email address you used to sign up for Keycloak.

    That is all about the Magento 2 Keycloak(SSO) Login. If you have any queries regarding the plugin, please contact us at Webkul Support System.

    You can also check our complete Magento 2 extensions.

    Current Product Version - 5.0.0

    Supported Framework Version - 2.4.x
