Open Zelldon opened 2 years ago
Might be something we want to do @felix-mueller for good self-managed start
Is there any public documentation on this yet that can be accessed outside of slack? I am currently trying to configure Camunda 8 with our AWS ALB Ingress and am having issues, namely:
localhost:18080
even with the following install command (note I've redacted the website name to helm install camunda-ee camunda-ee/camunda-platform -n camunda-ee --values values.yaml \
--set identity.auth.publicIssuerUrl="https://dev-camunda-keycloak.<website>.com/auth/realms/camunda-platform" \
--set identity.auth.operate.redirectUrl="https://dev-camunda-operate.<website>.com" \
--set identity.auth.optimize.redirectUrl="https://dev-camunda-optimize.<website>.com" \
--set identity.auth.tasklist.redirectUrl="https://dev-camunda-tasklist.<website>.com"
Using the port-forward commands, identity functions as expected (although it does redirect to http://localhost:8080/applications
after using the external ingress url dev-camunda-identity.<website>.com
), but the other applications (operate, optimize, tasklist) show this:
The full text of the redirect url (and parameter) is:
http://localhost:18080/auth/realms/camunda-platform/protocol/openid-connect/auth?client_id=operate&redirect_uri=https%3A%2F%2Fdev-camunda-operate.<website>.com%2Fidentity-callback&response_type=code&scope=openid+email&state=
Hey @samzph unfortunately there is no guide yet. Be aware that you have to use global.identity.auth.publicIssuerUrl
, so you missed the global
in your configurations. Hope this helps
Hey @samzph unfortunately there is no guide yet. Be aware that you have to use
global.identity.auth.publicIssuerUrl
, so you missed theglobal
in your configurations. Hope this helps
where do i use this?
Hey @varuncobain - this issue has been open for quite some time and since then there have been several updates to our documentation surrounding the ingress configurations, does this page in our docs provide you with the answers you need?
If not, please let me know and we'll explore the issues further!
@christinaausley @akeller it looks like the original ask here is now solved in our docs (or the state of the docs/product has sufficiently changed) ; do we feel comfortable closing this out?
I am good to close this! Thank you!
If users want to use identity/keycloak and our web applications together with an ingress they need to adjust certain properties it would be nice to have a small guide for such use case.
See related discussion: https://camunda-platform.slack.com/archives/CSH81V16W/p1650888410470839
Also from internal slack by @ManuelDittmar https://camunda.slack.com/archives/C02UMKN3DTL/p1650551797623999