keycloak-scim/topics/identity-broker/social/facebook.adoc
Bill Burke bc2920cf5b google
2016-05-26 12:09:04 -04:00


==== Facebook

To enable login with Facebook, you first have to create an application in the https://developers.facebook.com/[Facebook Developer Console].
Then you need to copy the client id and secret into the Keycloak Admin Console.

Let's first see how to create an application with Facebook.

. Log in to the https://developers.facebook.com/[Facebook Developer Console].
Click `Apps` in the menu and select `Create a New App`.
Use any value for `Display Name` and `Category` you want, then click the `Create App` button.
Wait for the project to be created (this may take a while). If after creating the app you are not redirected to the app settings, click on `Apps` in the menu and select the app you created.
. Once the app has been created, click on `Settings` in the sidebar on the left.
You must specify a contact email.
Save your changes.
Then click on `Advanced`.
Under `Security` make sure `Client OAuth Login` is enabled.
Scroll down and click on the `Save Changes` button.
. Click `Status & Review` and select `YES` for `Do you want to make this app and all its live features available to the general public?`.
You will not be able to set this until you have provided a contact email in the general settings of this application.
. Click `Basic`.
Copy `App ID` and `App Secret` (click `show`) from the https://developers.facebook.com/[Facebook Developer Console].

Now that you have the client id and secret, you can create a Facebook Identity Provider in Keycloak as follows:

. Select the `Facebook` identity provider from the drop-down box on the top right corner of the identity providers table in Keycloak's Admin Console.
You should be presented with a specific page to configure the selected provider.
. Copy the client id and secret to their corresponding fields in the Keycloak Admin Console.
Click `Save`.

Once you create the identity provider in Keycloak, you must update your Facebook application with the redirect url that was generated for your identity provider.

. Open the Facebook Developer Console and select your application.
Click on `Advanced`.
Under `Security` make sure `Client OAuth Login` is enabled.
In `Valid OAuth redirect URIs` insert the redirect uri created by Keycloak.
The redirect uri usually has the following format: `http://{host}:{port}/auth/realms/{realm}/broker/{provider_alias}`.

NOTE: You can always get the redirect url for a specific identity provider from the table presented when you click on the 'Identity Provider' tab in _Realm > Settings_.
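
The following added example (not part of the Keycloak documentation or code base) checks a redirect uri against the format above before it is entered in `Valid OAuth redirect URIs`. The function name, the sample host names and the rule that plain `http` is accepted only for loopback hosts are assumptions of this example.

```python
import re
from urllib.parse import urlsplit

# Path layout from the format quoted above:
# /auth/realms/{realm}/broker/{provider_alias}
BROKER_PATH = re.compile(r"/auth/realms/(?P<realm>[^/]+)/broker/(?P<alias>[^/]+)")
LOOPBACK_HOSTS = {"localhost", "127.0.0.1", "::1"}  # assumption: development hosts only


def check_redirect_uri(uri, realm, alias):
    """Return findings for a broker redirect uri; an empty list means clean."""
    try:
        parts = urlsplit(uri)
        host = parts.hostname
    except ValueError:
        return ["not a parseable URI"]
    if parts.scheme not in ("http", "https") or not host:
        return ["not an absolute http(s) URI"]
    findings = []
    if parts.scheme == "http" and host not in LOOPBACK_HOSTS:
        findings.append("plain http on a non-loopback host")
    if "*" in uri:
        findings.append("wildcard character present")
    if parts.query or parts.fragment:
        findings.append("query string or fragment present")
    match = BROKER_PATH.fullmatch(parts.path)
    if match is None:
        findings.append("path is not /auth/realms/{realm}/broker/{provider_alias}")
    else:
        if match.group("realm") != realm:
            findings.append("realm segment is not " + realm)
        if match.group("alias") != alias:
            findings.append("provider alias segment is not " + alias)
    return findings


if __name__ == "__main__":
    # Constructed sample values; sso.example.test is a placeholder host.
    samples = [
        "https://sso.example.test:8443/auth/realms/demo/broker/facebook",
        "http://sso.example.test:8080/auth/realms/demo/broker/facebook",
        "https://sso.example.test/auth/realms/demo/broker/facebook/",
        "https://sso.example.test/auth/realms/other/broker/facebook",
    ]
    for uri in samples:
        print(uri, "->", check_redirect_uri(uri, "demo", "facebook") or "ok")
```
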

That is it! This is pretty much all you need to do in order to set up this identity provider.

The table below lists some additional configuration options you may use when configuring this provider.

.Configuration Options
[cols="1,1", options="header"]
|===
|Configuration |Description

|Default Scopes
|Allows you to manually specify the scopes that users must authorize when authenticating with this provider. For a complete list of scopes, please take a look at https://developers.facebook.com/docs/graph-api. By default, Keycloak uses the following scopes: `email`
|===