From 7c6ce7548d4279efe427eae02f4827e5d98977e1 Mon Sep 17 00:00:00 2001
From: Cole Isaac <82131455+conceptualshark@users.noreply.github.com>
Date: Tue, 17 Dec 2024 10:54:20 -0500
Subject: [PATCH] add helm variant of keycloak instructions, fix link (#4693)
---
.../connect-to-an-existing-keycloak.md | 29 ++++++++++--
.../connect-to-an-existing-keycloak.md | 39 ++++++++++++----
.../connect-to-an-existing-keycloak.md | 45 ++++++++++++++-----
.../connect-to-an-existing-keycloak.md | 27 ++++++++++-
.../connect-to-an-existing-keycloak.md | 27 ++++++++++-
5 files changed, 141 insertions(+), 26 deletions(-)
diff --git a/docs/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md b/docs/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md
index 835be739ecc..1ccd5bc75c1 100644
--- a/docs/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md
+++ b/docs/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md
@@ -5,12 +5,15 @@ sidebar_label: "Connect to an existing Keycloak instance"
description: "Learn how to connect Identity to your existing Keycloak instance."
---
+import Tabs from "@theme/Tabs";
+import TabItem from "@theme/TabItem";
+
In this guide, we'll demonstrate how to connect Identity to your existing Keycloak instance.
## Prerequisites
-- Access to your [Keycloak Admin Console](https://www.keycloak.org/docs/23.0.1/server_admin/#using-the-admin-console)
-- A basic understanding of [administering realms and clients](https://www.keycloak.org/docs/23.0.1/server_admin/#assembly-managing-clients_server_administration_guide) in Keycloak.
+- Access to your [Keycloak Admin Console](https://www.keycloak.org/docs/latest/server_admin/#using-the-admin-console)
+- A basic understanding of [administering realms and clients](https://www.keycloak.org/docs/latest/server_admin/#assembly-managing-clients_server_administration_guide) in Keycloak
:::note
Clients in Camunda 8 SaaS and applications in Camunda 8 Self-Managed provide a similar purpose. One key difference is that for Camunda 8 SaaS, you can set up specific [client connection credentials](/guides/setup-client-connection-credentials.md), whereas in Identity, an application is created with credentials automatically assigned.
@@ -24,7 +27,15 @@ As of the 8.5.3 release, Identity uses the Keycloak frontend URL instead of the
To avoid connectivity issues, ensure your Keycloak frontend URL is accessible by adjusting your network, firewall, or security settings as needed. This adjustment is crucial to maintain the integration with Keycloak and ensure compatibility.
:::
-To connect Identity to an existing Keycloak instance, take the following steps:
+To connect Identity to an existing Keycloak instance, take the following steps for your Camunda installation:
+
+
+
+
1. Log in to your Keycloak Admin Console.
2. Select the realm you would like to connect Identity to. In our example, this is **camunda-platform**.
@@ -56,6 +67,18 @@ To connect Identity to an existing Keycloak instance, take the following steps:
:::
13. Start Identity.
+
+
+
+1. Log in to your Keycloak Admin Console.
+2. Verify the name of the realm you would like to connect Identity to. In our example, this is **camunda-platform**.
+ 
+3. Set the `KEYCLOAK_REALM` [environment variable](/self-managed/identity/deployment/configuration-variables.md) to the realm you selected in **Step 2**.
+4. Start Identity.
+
+
+
+
:::note What does Identity create when starting?
Identity creates a base set of configurations required to function successfully. To understand more about what is created and why, see [the starting configuration](/self-managed/identity/deployment/starting-configuration.md).
:::
diff --git a/versioned_docs/version-8.3/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md b/versioned_docs/version-8.3/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md
index a7ea08ab9fb..513a05bc808 100644
--- a/versioned_docs/version-8.3/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md
+++ b/versioned_docs/version-8.3/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md
@@ -5,16 +5,27 @@ sidebar_label: "Connect to an existing Keycloak instance"
description: "Learn how to connect Identity to your existing Keycloak instance."
---
+import Tabs from "@theme/Tabs";
+import TabItem from "@theme/TabItem";
+
In this guide, we'll demonstrate how to connect Identity to your existing Keycloak instance.
## Prerequisites
-- Access to your [Keycloak Admin Console](https://www.keycloak.org/docs/22.0.1/server_admin/#using-the-admin-console)
-- A basic understanding of [administering realms and clients](https://www.keycloak.org/docs/22.0.1/server_admin/#assembly-managing-clients_server_administration_guide) in Keycloak.
+- Access to your [Keycloak Admin Console](https://www.keycloak.org/docs/23.0.1/server_admin/#using-the-admin-console)
+- A basic understanding of [administering realms and clients](https://www.keycloak.org/docs/latest/server_admin/#assembly-managing-clients_server_administration_guide) in Keycloak
## Steps
-To connect Identity to an existing Keycloak instance, take the following steps:
+To connect Identity to an existing Keycloak instance, take the following steps for your Camunda installation:
+
+
+
+
1. Log in to your Keycloak Admin Console.
2. Select the realm you would like to connect Identity to. In our example, this is **camunda-platform**.
@@ -22,7 +33,7 @@ To connect Identity to an existing Keycloak instance, take the following steps:
3. Select **Clients** in the navigation menu, and click the **Create** button to create a new client.
4. Enter a client ID and click **Next**.
:::note What client ID should I use?
- By default, Identity uses the Client ID `camunda-identity`, so we recommend using this too. If you choose a different client ID, this will need to be set in the Identity application [environment variables](/docs/self-managed/identity/deployment/configuration-variables.md).
+ By default, Identity uses the Client ID `camunda-identity`, so we recommend using this too. If you choose a different client ID, this will need to be set in the Identity application [environment variables](/self-managed/identity/deployment/configuration-variables.md).
:::
5. Toggle **Client authentication** to `on`, select **Service accounts roles** and click **Next**.
@@ -38,16 +49,28 @@ To connect Identity to an existing Keycloak instance, take the following steps:
Identity is designed to allow users to manage the various entities related to Camunda. To achieve this, it requires specific access to the realm.
:::
10. Navigate to the **Credentials** tab and copy the client secret.
-11. Set the `IDENTITY_CLIENT_SECRET` [environment variable](/docs/self-managed/identity/deployment/configuration-variables.md) with the value from **Step 9**.
-12. Set the `KEYCLOAK_REALM` [environment variable](/docs/self-managed/identity/deployment/configuration-variables.md) to the realm you selected in **Step 2**.
+11. Set the `IDENTITY_CLIENT_SECRET` [environment variable](/self-managed/identity/deployment/configuration-variables.md) with the value from **Step 9**.
+12. Set the `KEYCLOAK_REALM` [environment variable](/self-managed/identity/deployment/configuration-variables.md) to the realm you selected in **Step 2**.
:::tip
If you are using a specific realm, you need to set additional variables to use the intended realm.
- See the [environment variables](/docs/self-managed/identity/deployment/configuration-variables.md) page for details of Keycloak-specific variables to consider.
+ See the [environment variables](/self-managed/identity/deployment/configuration-variables.md) page for details of Keycloak-specific variables to consider.
:::
13. Start Identity.
+
+
+
+1. Log in to your Keycloak Admin Console.
+2. Verify the name of the realm you would like to connect Identity to. In our example, this is **camunda-platform**.
+ 
+3. Set the `KEYCLOAK_REALM` [environment variable](/self-managed/identity/deployment/configuration-variables.md) to the realm you selected in **Step 2**.
+4. Start Identity.
+
+
+
+
:::note What does Identity create when starting?
-Identity creates a base set of configurations required to function successfully. To understand more about what is created and why, see [the starting configuration](/docs/self-managed/identity/deployment/starting-configuration.md).
+Identity creates a base set of configurations required to function successfully. To understand more about what is created and why, see [the starting configuration](/self-managed/identity/deployment/starting-configuration.md).
:::
## Considerations
diff --git a/versioned_docs/version-8.4/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md b/versioned_docs/version-8.4/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md
index dbe8c95860f..513a05bc808 100644
--- a/versioned_docs/version-8.4/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md
+++ b/versioned_docs/version-8.4/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md
@@ -5,16 +5,27 @@ sidebar_label: "Connect to an existing Keycloak instance"
description: "Learn how to connect Identity to your existing Keycloak instance."
---
+import Tabs from "@theme/Tabs";
+import TabItem from "@theme/TabItem";
+
In this guide, we'll demonstrate how to connect Identity to your existing Keycloak instance.
-### Prerequisites
+## Prerequisites
+
+- Access to your [Keycloak Admin Console](https://www.keycloak.org/docs/23.0.1/server_admin/#using-the-admin-console)
+- A basic understanding of [administering realms and clients](https://www.keycloak.org/docs/latest/server_admin/#assembly-managing-clients_server_administration_guide) in Keycloak
-- Access to your [Keycloak Admin Console](https://www.keycloak.org/docs/22.0.1/server_admin/#using-the-admin-console)
-- A basic understanding of [administering realms and clients](https://www.keycloak.org/docs/22.0.1/server_admin/#assembly-managing-clients_server_administration_guide) in Keycloak.
+## Steps
-### Steps
+To connect Identity to an existing Keycloak instance, take the following steps for your Camunda installation:
-To connect Identity to an existing Keycloak instance, take the following steps:
+
+
+
1. Log in to your Keycloak Admin Console.
2. Select the realm you would like to connect Identity to. In our example, this is **camunda-platform**.
@@ -22,7 +33,7 @@ To connect Identity to an existing Keycloak instance, take the following steps:
3. Select **Clients** in the navigation menu, and click the **Create** button to create a new client.
4. Enter a client ID and click **Next**.
:::note What client ID should I use?
- By default, Identity uses the Client ID `camunda-identity`, so we recommend using this too. If you choose a different client ID, this will need to be set in the Identity application [environment variables](/docs/self-managed/identity/deployment/configuration-variables.md).
+ By default, Identity uses the Client ID `camunda-identity`, so we recommend using this too. If you choose a different client ID, this will need to be set in the Identity application [environment variables](/self-managed/identity/deployment/configuration-variables.md).
:::
5. Toggle **Client authentication** to `on`, select **Service accounts roles** and click **Next**.
@@ -38,19 +49,31 @@ To connect Identity to an existing Keycloak instance, take the following steps:
Identity is designed to allow users to manage the various entities related to Camunda. To achieve this, it requires specific access to the realm.
:::
10. Navigate to the **Credentials** tab and copy the client secret.
-11. Set the `IDENTITY_CLIENT_SECRET` [environment variable](/docs/self-managed/identity/deployment/configuration-variables.md) with the value from **Step 9**.
-12. Set the `KEYCLOAK_REALM` [environment variable](/docs/self-managed/identity/deployment/configuration-variables.md) to the realm you selected in **Step 2**.
+11. Set the `IDENTITY_CLIENT_SECRET` [environment variable](/self-managed/identity/deployment/configuration-variables.md) with the value from **Step 9**.
+12. Set the `KEYCLOAK_REALM` [environment variable](/self-managed/identity/deployment/configuration-variables.md) to the realm you selected in **Step 2**.
:::tip
If you are using a specific realm, you need to set additional variables to use the intended realm.
- See the [environment variables](/docs/self-managed/identity/deployment/configuration-variables.md) page for details of Keycloak-specific variables to consider.
+ See the [environment variables](/self-managed/identity/deployment/configuration-variables.md) page for details of Keycloak-specific variables to consider.
:::
13. Start Identity.
+
+
+
+1. Log in to your Keycloak Admin Console.
+2. Verify the name of the realm you would like to connect Identity to. In our example, this is **camunda-platform**.
+ 
+3. Set the `KEYCLOAK_REALM` [environment variable](/self-managed/identity/deployment/configuration-variables.md) to the realm you selected in **Step 2**.
+4. Start Identity.
+
+
+
+
:::note What does Identity create when starting?
-Identity creates a base set of configurations required to function successfully. To understand more about what is created and why, see [the starting configuration](/docs/self-managed/identity/deployment/starting-configuration.md).
+Identity creates a base set of configurations required to function successfully. To understand more about what is created and why, see [the starting configuration](/self-managed/identity/deployment/starting-configuration.md).
:::
-### Considerations
+## Considerations
When connecting Identity to a shared realm, accurately determining what clients should and should not be displayed in the Identity UI is not possible. Therefore, the clients in the realm you connect Identity to will be shown in the Identity UI and can
have their secrets viewed and updated. Users with access to Identity should be considered as having administrator-level access to the system.
diff --git a/versioned_docs/version-8.5/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md b/versioned_docs/version-8.5/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md
index 835be739ecc..2e61c28b921 100644
--- a/versioned_docs/version-8.5/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md
+++ b/versioned_docs/version-8.5/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md
@@ -5,12 +5,15 @@ sidebar_label: "Connect to an existing Keycloak instance"
description: "Learn how to connect Identity to your existing Keycloak instance."
---
+import Tabs from "@theme/Tabs";
+import TabItem from "@theme/TabItem";
+
In this guide, we'll demonstrate how to connect Identity to your existing Keycloak instance.
## Prerequisites
- Access to your [Keycloak Admin Console](https://www.keycloak.org/docs/23.0.1/server_admin/#using-the-admin-console)
-- A basic understanding of [administering realms and clients](https://www.keycloak.org/docs/23.0.1/server_admin/#assembly-managing-clients_server_administration_guide) in Keycloak.
+- A basic understanding of [administering realms and clients](https://www.keycloak.org/docs/latest/server_admin/#assembly-managing-clients_server_administration_guide) in Keycloak
:::note
Clients in Camunda 8 SaaS and applications in Camunda 8 Self-Managed provide a similar purpose. One key difference is that for Camunda 8 SaaS, you can set up specific [client connection credentials](/guides/setup-client-connection-credentials.md), whereas in Identity, an application is created with credentials automatically assigned.
@@ -24,7 +27,15 @@ As of the 8.5.3 release, Identity uses the Keycloak frontend URL instead of the
To avoid connectivity issues, ensure your Keycloak frontend URL is accessible by adjusting your network, firewall, or security settings as needed. This adjustment is crucial to maintain the integration with Keycloak and ensure compatibility.
:::
-To connect Identity to an existing Keycloak instance, take the following steps:
+To connect Identity to an existing Keycloak instance, take the following steps for your Camunda installation:
+
+
+
+
1. Log in to your Keycloak Admin Console.
2. Select the realm you would like to connect Identity to. In our example, this is **camunda-platform**.
@@ -56,6 +67,18 @@ To connect Identity to an existing Keycloak instance, take the following steps:
:::
13. Start Identity.
+
+
+
+1. Log in to your Keycloak Admin Console.
+2. Verify the name of the realm you would like to connect Identity to. In our example, this is **camunda-platform**.
+ 
+3. Set the `KEYCLOAK_REALM` [environment variable](/self-managed/identity/deployment/configuration-variables.md) to the realm you selected in **Step 2**.
+4. Start Identity.
+
+
+
+
:::note What does Identity create when starting?
Identity creates a base set of configurations required to function successfully. To understand more about what is created and why, see [the starting configuration](/self-managed/identity/deployment/starting-configuration.md).
:::
diff --git a/versioned_docs/version-8.6/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md b/versioned_docs/version-8.6/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md
index 835be739ecc..2e61c28b921 100644
--- a/versioned_docs/version-8.6/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md
+++ b/versioned_docs/version-8.6/self-managed/identity/user-guide/configuration/connect-to-an-existing-keycloak.md
@@ -5,12 +5,15 @@ sidebar_label: "Connect to an existing Keycloak instance"
description: "Learn how to connect Identity to your existing Keycloak instance."
---
+import Tabs from "@theme/Tabs";
+import TabItem from "@theme/TabItem";
+
In this guide, we'll demonstrate how to connect Identity to your existing Keycloak instance.
## Prerequisites
- Access to your [Keycloak Admin Console](https://www.keycloak.org/docs/23.0.1/server_admin/#using-the-admin-console)
-- A basic understanding of [administering realms and clients](https://www.keycloak.org/docs/23.0.1/server_admin/#assembly-managing-clients_server_administration_guide) in Keycloak.
+- A basic understanding of [administering realms and clients](https://www.keycloak.org/docs/latest/server_admin/#assembly-managing-clients_server_administration_guide) in Keycloak
:::note
Clients in Camunda 8 SaaS and applications in Camunda 8 Self-Managed provide a similar purpose. One key difference is that for Camunda 8 SaaS, you can set up specific [client connection credentials](/guides/setup-client-connection-credentials.md), whereas in Identity, an application is created with credentials automatically assigned.
@@ -24,7 +27,15 @@ As of the 8.5.3 release, Identity uses the Keycloak frontend URL instead of the
To avoid connectivity issues, ensure your Keycloak frontend URL is accessible by adjusting your network, firewall, or security settings as needed. This adjustment is crucial to maintain the integration with Keycloak and ensure compatibility.
:::
-To connect Identity to an existing Keycloak instance, take the following steps:
+To connect Identity to an existing Keycloak instance, take the following steps for your Camunda installation:
+
+
+
+
1. Log in to your Keycloak Admin Console.
2. Select the realm you would like to connect Identity to. In our example, this is **camunda-platform**.
@@ -56,6 +67,18 @@ To connect Identity to an existing Keycloak instance, take the following steps:
:::
13. Start Identity.
+
+
+
+1. Log in to your Keycloak Admin Console.
+2. Verify the name of the realm you would like to connect Identity to. In our example, this is **camunda-platform**.
+ 
+3. Set the `KEYCLOAK_REALM` [environment variable](/self-managed/identity/deployment/configuration-variables.md) to the realm you selected in **Step 2**.
+4. Start Identity.
+
+
+
+
:::note What does Identity create when starting?
Identity creates a base set of configurations required to function successfully. To understand more about what is created and why, see [the starting configuration](/self-managed/identity/deployment/starting-configuration.md).
:::