Hi Colleen, Am 14.02.19 um 11:32 schrieb Colleen Murphy:
I'm more interested in what you were seeing, both the output from the client and the output from the keystone server if you have access to it.
I will configure the adfs-connection again and send you the logs.
Unfortunately that seems to still be a valid bug that we'll need to address. You could try using the python keystoneauth library directly and see if the issue appears there[1][2].
[1] https://docs.openstack.org/keystoneauth/latest/using-sessions.html [2] https://docs.openstack.org/keystoneauth/latest/plugin-options.html#v3oidcpas...
I was missing the --os-client-id parameter, but I didnt got any hint about its required, so took a while to find it. With os-client-id, and os-client-secret Im now able to reach my keycloak. I already found some settings on keycloak I had to change. (Hopefully) I will be able to continue my work next week.
I found that too. The in-development documentation has already been fixed[3] but we didn't backport that to the Rocky documentation because it was part of a large series of rewrites and reorgs.
[3] https://docs.openstack.org/keystone/latest/admin/federation/configure_federa...
Great - thank a lot, I will fix my settings. Fabian