52 lines
2.6 KiB
Text
52 lines
2.6 KiB
Text
|
|
==== LinkedIn
|
|
|
|
To enable login with LinkedIn you first have to create an application in https://www.linkedin.com/secure/developer[LinkedIn Developer Network].
|
|
Then you need to copy the client id and secret into the Keycloak Admin Console.
|
|
|
|
Let's see first how to create an application with LinkedIn.
|
|
|
|
. Log in to https://www.linkedin.com/secure/developer[LinkedIn Developer Network].
|
|
Click the `Add New Application` link.
|
|
Use any value for `Application Name`, `Website URL`, `Description`, `Developer Contact Email` and `Phone` you want.
|
|
Select `r_basicprofile` and `r_emailaddress` in the `Default Scope` section.
|
|
Click the `Add Application` button.
|
|
. Copy `Consumer Key / API Key` and `Consumer Secret / Secret Key` from the shown page.
|
|
|
|
Now that you have the client id and secret, you can proceed with the creation of a LinkedIn Identity Provider in Keycloak.
|
|
As follows:
|
|
|
|
. Select the `LinkedIn` identity provider from the drop-down box on the top right corner of the identity providers table in Keycloak's Admin Console.
|
|
You should be presented with a specific page to configure the selected provided.
|
|
. Copy the client id and secret to their corresponding fields in the Keycloak Admin Console.
|
|
Click `Save`.
|
|
|
|
Once you create the identity provider in Keycloak, you must update your LinkedIn application with the redirect url that was generated to your identity provider.
|
|
|
|
. Open the LinkedIn Developer Network and select your application.
|
|
In `OAuth 2.0 Redirect URLs` insert the redirect uri created by Keycloak.
|
|
The redirect uri usually have the following format: `http://{host}:{port}/auth/realms/{realm}/broker/{provider_alias}/endpoint`.
|
|
|
|
NOTE: You can always get the redirect url for a specific identity provider from the table presented when you click on the 'Identity Provider' tab in _Realm > Settings_.
|
|
|
|
That is it! This pretty much what you need to do in order to setup this identity provider.
|
|
|
|
The table below lists some additional configuration options you may use when configuring this provider.
|
|
|
|
.Configuration Options
|
|
[cols="1,1", options="header"]
|
|
|===
|
|
|
|
|
Configuration
|
|
|
|
|
|
|
Description
|
|
|
|
|
|
|
Default Scopes
|
|
|
|
|
|
|
Allows you to manually specify the scopes that users must authorize when authenticating with this provider.
|
|
For a complete list of scopes, please take a look at application configuration in LinkedIn Developer Network. By default, Keycloak uses the following scopes: r_basicprofile r_emailaddress
|
|
|
|
|===
|