Search results

Red Hat support for SSO authentication

Red Hat Single Sign-On (RH-SSO) is based on the Keycloak project and enables you to secure your web applications by providing Web single sign-on (SSO) capabilities based on popular standards such as SAML 2.0, OpenID Connect, and OAuth 2.0.

This section explains how to perform Single Sign-On for users in Red Hat with the Bold BI application using Open ID Connect.

How to register the Bold BI application in Red Hat

NOTE: This configuration has to be done on the Red Hat website.

Prerequisites

  • An admin account in Red Hat.
  • Install the Bold BI application.

Steps to register the Bold BI application

  1. Log in to the Red Hat website with an admin account.

    RedHat Admin console

  2. Navigate to the Security admin console, then to the Clients page and, select the Create option.

    RedHat Client Option

  3. On the Add Client page, enter the client id and select the Client protocol as openid-connect, then click Save.

    RedHat Application Page

  4. Once the client has been created, please configure the following in the settings section and save the changes.

    RedHat Settings Option

    RedHat Settings

Access Type Set access type to confidential.
Implicit Flow Enabled On
Valid redirect URIs URL Format: https://{domain}/signin-oidc

Example: https://example.com/signin-oidc

Note: The Redirect URI is found under the OpenID Connect settings of your Bold BI application, as in the following screenshot.

After successful registration with Red Hat, save these settings in the Bold BI settings page to enable this authentication.

Enable Red Hat authentication support in Bold BI

Configure the settings in Bold BI as shown in the following screenshot to enable the authentication using Red Hat.

RedHat Bi Settings

The fields to be saved in the Bold BI to enable the Red Hat for authentication are explained as follows.

Enable Open ID Connect Enabled
Provider Name It represents the name of the authentication provider to be displayed on the login page.
Provider Logo It represents the logo of the authentication provider to be displayed on the login page.
Authority It must be the URL of your Red Hat instance.

URL format: https://{host}/auth/realms/{realm}

Note: The Authority URL only accepts HTTPS, and Red Hat should be configured in HTTPS..
Client ID The Client ID is the one you get after registering the Bold BI application on the Red Hat website.

Note: Client ID is available in the Clients page.
Client Secret The Client Secret is the one you get after registering the Bold BI application on the Red Hat website.

Note: Client Secret is available in the Credentials section of the Client details page.
Identifier The Bold BI application requires an email address to login to the application.

So, please set the identifier as email.

Note: All accounts in Red Hat should have a valid email address.
Logout Endpoint It is the endpoint in the Red Hat website that signs the user out.

Login with Red Hat

  1. Go to the login page and select the Red Hat option to log in.

    RedHat Bi Login Option

  2. Fill in the username and password in the Red Hat SSO login screen and sign in.

    RedHat Bi Login