How to configure Dovecot with Keycloak correctly
Aki Tuomi
aki.tuomi at open-xchange.com
Wed Dec 7 07:26:52 UTC 2022
> On 03/12/2022 19:41 EET Gary Horchem <gboy12.98 at gmail.com> wrote:
>
>
> Hello I’m trying to configure Dovecot with Keycloak I’m using the proxy with password grant method.
>
> Here’s my dovecot-oauth2.plain.conf.ext
>
> grant_url = https://server-1.gary-springfield-mo.net/realms/sso/protocol/openid-connect/token
> client_id = dovecot
> client_secret = WtZ5uZsBi2QPfh1EWuMWjUVGNNT4HEGR
> introspection_url = https://server-1.gary-springfield-mo.net/realms/sso/protocol/openid-connect/token/introspect
> introspection_mode = post
> use_grant_password = yes
> debug = yes
> username_attribute = username
> pass_attrs = host=server-1:8181 proxy=y proxy_mech=xoauth2 pass=%{oauth2:access_token}
>
> And my dovecot-oauth2.token.conf.ext
>
> grant_url = https://server-1.gary-springfield-mo.net/realms/sso/protocol/openid-connect/token
> client_id = dovecot
> client_secret = WtZ5uZsBi2QPfh1EWuMWjUVGNNT4HEGR
> tokeninfo_url = https://server-1.gary-springfield-mo.net/realms/sso/protocol/openid-connect/token
> introspection_url = https://server-1.gary-springfield-mo.net/realms/sso/protocol/openid-connect/token/introspect
> introspection_mode = post
> use_grant_password = no
> debug = yes
> username_attribute = username
> pass_attrs = pass=%{oauth2:access_token}
>
> Do I also need to configure the dovecot-oauth2.conf.ext
>
>
> Sent from my iPhone
Not really.
They are just example files, you need to use the one that makes sense with your setup and which you used for passdb oauth2.
Aki
More information about the dovecot
mailing list