Skip to content

Enabling Keycloak as an OIDC provider for Connections

Single sign-on is accomplished by setting up a trust relationship between the Connections server and Keycloak using the IBM WebSphere OpenID Connect Relying Party Trust Association Interceptor (OIDC Relying Party TAI).

For background on OIDC (OpenID Connect), you can see these topics in the IBM documentation for WebSphere Application Server:

Enabling Keycloak as an OIDC Provider for Connections in Connections involves completing three major steps:

  • Configuring Keycloak as an OIDC Provider for Connections
  • Updating WebSphere to support Keycloak OIDC Authentication for Connections
  • Configuring Connections to support Keycloak

Note: You will use values from the Keycloak configuration when configuring the WebSphere TAI and other WebSphere Global Security configurations.

Parent topic:Configuring single sign-on