Hi, 

There is no authentication part in settings, there are only "integrations" (odoo 14), one of them is "Authentication Oauth", but it doesn't work, once i've logged in, i'm redirect to odoo with an error, odoo says :

   raise Exception(validation['error'])

Exception: invalid_request

Keycloak says Login in event log of the realm (Ok for me) but in the log :

[] (executor-thread-1) type=USER_INFO_REQUEST_ERROR, realmId=9eeb605c-5298-41c2-8515-f7b91594d91b, clientId=null, userId=null, ipAddress=127.0.0.1, error=invalid_token, auth_method=validate_access_token

here are my settings in odoo :

name : mysso

id.client : the name of the client in the realm

authorisation endpoint : link to/protocol/openid-connect/auth

scope : openid profile email

userinfo : link to /protocol/openid-connect/userinfo

I've filled nothing in "data endpoint", there is no such things in keycloak as long as I know, I could be wrong...

Have you got an idea ?

And miniorange sso module is definitly too expensive...

Best regards,

Yann Boulanger

Hi Yann, 

Here's what you need to do Keycloak Configuration This includes setting up the client ID, client protocol, and other relevant settings. Odoo Configuration https://plugins.miniorange.com/odoo-single-sign-on-using-keycloak-as-idp

In Odoo, go to the "Settings" module.

Navigate to "General Settings."

Scroll down to the "Authentication" section.

Select "OAuth2.0" as the authentication method.

In the "OAuth2.0 Configuration" section, you will find a field for "OAuth2.0 Provider." Here, you should enter the URL of your Keycloak server, including the realm, for example: https://keycloak.example.com/auth/realms/your-realm.

Save Configuration: Save the configuration in Odoo.

Test the SSO setup by attempting to log in to Odoo. and Odoo relies on the OAuth2.0 protocol and the client ID for authentication.