You already use your SSO to conveniently manage permissions to applications; now you can also use it to manage permissions to your datasources following these simple steps.
Add a client: In your Keycloak console, click Clients then Create.
Enter basic information: Put a name like sdm or strongdm in Client ID (this will be needed later on), choose openid-connect as Client Protocol, and for Root URL fill in https://app.strongdm.com. Click Save.
Enter Details: In the next window, ensure Client Protocol is openid-connect, set Access Type to confidential, and fill in the following URLs under Valid Redirect URIs: https://app.strongdm.com/auth/return and https://app.strongdm.com/auth/return/. Other fields are optional and can be set as you prefer. Click Save.
Record the Client Secret: Click the Credentials tab and copy the string in the Secret field. You will need this in the next step.
Enter the account details in strongDM: In the strongDM app, go to “Settings” -> Authentication, choose OpenID Connect from the drop-down menu and add your URL (append /auth/realms/<realmname> to your Keycloak base URL), Client ID, and Client Secret as shown. Click Activate.
Verify users in Keycloak: Ensure that all users in strongDM exist in Keycloak.
If any errors occur or if the integration fails in any way, please contact email@example.com for assistance.
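
To check the result of the steps above before activating, the following added example (not strongDM or Keycloak code) builds the URL entered in strongDM and audits an exported Keycloak client against the settings listed here. It assumes the client was exported as JSON with Keycloak's standard client fields (`protocol`, `publicClient`, `bearerOnly`, `rootUrl`, `redirectUris`); the host `keycloak.example.com`, the realm `corp`, the sample export and the https-only rule are assumptions made for the example.

```python
import json
from urllib.parse import quote, urlsplit

# Values taken from the steps above.
ROOT_URL = "https://app.strongdm.com"
REQUIRED_REDIRECTS = {ROOT_URL + "/auth/return", ROOT_URL + "/auth/return/"}


def issuer_url(keycloak_base: str, realm: str) -> str:
    """Build the URL entered in strongDM: <base>/auth/realms/<realmname>."""
    parts = urlsplit(keycloak_base)
    # Assumption of this example: only an absolute https:// base URL is accepted.
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("Keycloak base URL must be an absolute https:// URL")
    return f"{keycloak_base.rstrip('/')}/auth/realms/{quote(realm, safe='')}"


def audit_client(client: dict) -> list:
    """Return the deviations from the client settings described in the steps."""
    findings = []
    if client.get("protocol") != "openid-connect":
        findings.append("Client Protocol is not openid-connect")
    # Access Type "confidential" is exported as publicClient=false, bearerOnly=false.
    if client.get("publicClient") is not False or client.get("bearerOnly"):
        findings.append("Access Type is not confidential")
    if client.get("rootUrl") != ROOT_URL:
        findings.append("Root URL is not " + ROOT_URL)
    redirects = set(client.get("redirectUris", []))
    # Anything beyond the two listed URIs (wildcards included) is reported.
    for uri in sorted(redirects - REQUIRED_REDIRECTS):
        findings.append(f"unexpected redirect URI: {uri}")
    for uri in sorted(REQUIRED_REDIRECTS - redirects):
        findings.append(f"missing redirect URI: {uri}")
    return findings


# Constructed sample export (not from a real realm): a wildcard redirect slipped in.
SAMPLE = json.loads("""
{"clientId": "sdm", "protocol": "openid-connect", "publicClient": false,
 "bearerOnly": false, "rootUrl": "https://app.strongdm.com",
 "redirectUris": ["https://app.strongdm.com/auth/return",
                  "https://app.strongdm.com/*"]}
""")

if __name__ == "__main__":
    print(issuer_url("https://keycloak.example.com/", "corp"))
    for finding in audit_client(SAMPLE):
        print("FINDING:", finding)
```

An empty list from `audit_client` means the exported client matches the settings in the steps; the Client Secret is deliberately not read or printed.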