Skip to content

Important Changes

... on the Client

The new Keycloak version includes the following important changes:

  1. Hint - HTTPS only

    SEAL Port 32769 supports only HTTPS, no HTTP anymore!

  2. In your clients, e. g. PLOSSYS 5, SEAL Operator/SEAL Print Client, adjust the following environment keys by removing the auth directory from the URL:

    • AUTH_ISSUER_URL: The OIDC identity provider's auth issuer URL (required).

      Example - AUTH_ISSUER_URL

      • old value:

        AUTH_ISSUER_URL=https://mgmt_server:32769/auth/realms/SEAL

      • new value:

        AUTH_ISSUER_URL=https://mgmt_server:32769/realms/SEAL

    • ID_PROVIDER_NAME: The name of the OIDC identity provider (required for some identity providers).

      Example - ID_PROVIDER_NAME

      • old value:

        ID_PROVIDER_NAME=https://mgmt_server:32769/auth/realms/SEAL

      • new value:

        ID_PROVIDER_NAME=https://mgmt_server:32769/realms/SEAL

... in Keycloak

The client configuration has been changed. The previous configuration has been extended by a new optional, internal seal-webportal client for the communication between Web Portal and other SEAL Operator connectors.

The client is preconfigered as follows:

  • Client Credential Flow is activated.

  • The client-secret is active.

Getting a Token

You can get a token by making test calls like the following:

  • easyPRIMA:

    curl -k -d "client_id=seal-easyprima" -d "username=<user_name>" -d "password=<password>" -d "grant_type=password" -d "client_secret=<client_secret>" "https://%HOSTNAME%:32769/realms/SEAL/protocol/openid-connect/token" -v

  • SEAL OP-CLI:

    curl -k -d "client_id=seal-opcli" -d "username=<user_name>" -d "password=<password>" -d "grant_type=password" -d "client_secret=<client_secret>" "https://%HOSTNAME%:32769/realms/SEAL/protocol/openid-connect/token" -v

  • PLOSSYS CLI:

    curl -k -d "client_id=seal-plossyscli" -d "username=<user_name>" -d "password=<password>" -d "grant_type=password" -d "client_secret=<client_secret>" "https://%HOSTNAME%:32769/realms/SEAL/protocol/openid-connect/token" -v

Hint - adding new clients manually

You have to add new clients manually to prevent the existing configuration from being destroyed.

If you are allowed to overwrite the existing configuration, see [Configuring An External Keycloak](../customer_keycloak/config_external_kc.md).
Back to top