Skip to content

Latest commit

 

History

History
23 lines (20 loc) · 1.09 KB

proc_configuring-keycloak-settings-for-authentication-with-cac-cards.adoc

File metadata and controls

23 lines (20 loc) · 1.09 KB

Configuring {Keycloak} Settings for Authentication With {PIV} Cards

You must configure {Keycloak} settings for authentication with {PIV} cards.

Procedure

  1. In the {Keycloak} web UI, navigate to the Authentication tab.

  2. From the Flows list, select Browser.

  3. Click Copy to copy this flow.

  4. In the Copy Authentication Flow window, enter a new name for the flow and click OK.

  5. In the copied flow, delete Username Password Form and OTP Form entries.

  6. Click Add execution.

  7. From the Provider list, select X509/Validate Username Form.

  8. Click Save.

  9. In the X509/Validate Username Form raw, select ALTERNATIVE.

  10. In the X509/Validate Username Form raw, click Actions > Config.

  11. In the Alias field, enter a name for this configuration.

  12. From the User Identity Source list, select Subject’s Common Name,

  13. From the User mapping method list, select Username or Email.

  14. Click Save.

  15. Navigate to Authentication > Bindings.

  16. From the Browser Flow list, select the created flow.