Univention Bugzilla – Bug 55968
Make it more clear that Keycloak doesn't support external domainnames yet
Last modified: 2023-04-19 08:29:52 CEST
When configuring Keycloak customers can enter the Keycloak FQDN, but there is no warning in the config dialogue that only the result of ucr get domainname can be used, nor that anything else than ucs-sso-ng will work. In current documentation of the Keycloak App it it stated on https://docs.software-univention.de/keycloak-app/latest/installation.html: The URL has the following scheme: https://ucs-sso-ng.$domainname/admin/. The $domainname is your UCS domain name. There is no "Warning" section to emphasize the importance of this sentence and thus the customer might overlook it and will run into issues at a later time, see #55966 and #55967 as well. Maybe it is also good to include this under "Requirements and limitations" as well?
I assume w won't fix this as #55967 will be implemented and documented.
(In reply to Ingo Steuwer from comment #2) > I assume w won't fix this as #55967 will be implemented and documented. Yes, #55967 will be the proper fix, but the reason for this one is: As long as #55967 hasn't been fixed, customers will run into this problem over and over again and having the docs clearly state the issue might reduce the impact for customers as long as #55967 is still open. If #55967 is fixed, #55968 will be automatically irrelevant and the statement about external or custom domains should be removed again.