Hi Abdullah,
You may need to disable basic auth and enable oauth, please leave 2fa
disabled as well. Here are the relevant props that need to be changed:
fineract.security.basicauth.enabled=${FINERACT_SECURITY_BASICAUTH_ENABLED:true}
fineract.security.oauth.enabled=${FINERACT_SECURITY_OAUTH_ENABLED:false}
fineract.security.2fa.enabled=${FINERACT_SECURITY_2FA_ENABLED:false}
Please also make sure that the issuer-uri is pointing to your keycloak.
spring.security.oauth2.resourceserver.jwt.issuer-uri=${FINERACT_SERVER_OAUTH_RESOURCE_URL:
http://localhost:9000/auth/realms/fineract}
You can find an example on our CI/CD pipeline where we have integration
tests which are using a mock oauth server. The mock oauth2 server is
initialized here:
https://github.com/apache/fineract/blob/71d2e51051397b23140c7b22f54f0db9f98287e2/.github/workflows/build-mysql.yml#L20-L26
And here you can see that the above application.properties are configured
for the oauth integr tests:
https://github.com/apache/fineract/blob/71d2e51051397b23140c7b22f54f0db9f98287e2/oauth2-tests/build.gradle#L60
Regards, Peter
On Mon, Oct 30, 2023 at 3:57 PM Abdullah Homsi <[email protected]>
wrote:
> Hello Community,
>
> Hope my email finds you well!
>
> Can anyone please advise on the fineract application.properties values
> that are needed to be adjusted in order to complete the integration of key
> cloak with fineract, knowing that I have created the realm and client with
> mifos user and followed the listed steps in the following link :
>
> https://github.com/apache/fineract/blob/develop/fineract-doc/src/docs/en/chapters/security/oauth.adoc
>
> Thanks in advance,
> Abdullah H
>
