thr3ads.net - dovecot - How to configure Dovecot with Keycloak correctly [Dec 2022]

If this information is useful, please help other people find it:
Share via:

Gary Horchem

2022-Dec-03 17:41 UTC

How to configure Dovecot with Keycloak correctly

Hello I?m trying to configure Dovecot with Keycloak I?m using the proxy with
password grant method.

Here?s my dovecot-oauth2.plain.conf.ext

grant_url =
https://server-1.gary-springfield-mo.net/realms/sso/protocol/openid-connect/token
client_id = dovecot
client_secret = WtZ5uZsBi2QPfh1EWuMWjUVGNNT4HEGR
introspection_url =
https://server-1.gary-springfield-mo.net/realms/sso/protocol/openid-connect/token/introspect
introspection_mode = post
use_grant_password = yes
debug = yes
username_attribute = username
pass_attrs = host=server-1:8181 proxy=y proxy_mech=xoauth2
pass=%{oauth2:access_token}

And my dovecot-oauth2.token.conf.ext

grant_url =
https://server-1.gary-springfield-mo.net/realms/sso/protocol/openid-connect/token
client_id = dovecot
client_secret = WtZ5uZsBi2QPfh1EWuMWjUVGNNT4HEGR
tokeninfo_url =
https://server-1.gary-springfield-mo.net/realms/sso/protocol/openid-connect/token
introspection_url =
https://server-1.gary-springfield-mo.net/realms/sso/protocol/openid-connect/token/introspect
introspection_mode = post
use_grant_password = no
debug = yes
username_attribute = username
pass_attrs = pass=%{oauth2:access_token}

Do I also need to configure the dovecot-oauth2.conf.ext


Sent from my iPhone

Aki Tuomi

2022-Dec-07 07:26 UTC

head link

How to configure Dovecot with Keycloak correctly

> On 03/12/2022 19:41 EET Gary Horchem <gboy12.98 at gmail.com> wrote:
> 
>  
> Hello I?m trying to configure Dovecot with Keycloak I?m using the proxy
with password grant method.
> 
> Here?s my dovecot-oauth2.plain.conf.ext
> 
> grant_url =
https://server-1.gary-springfield-mo.net/realms/sso/protocol/openid-connect/token
> client_id = dovecot
> client_secret = WtZ5uZsBi2QPfh1EWuMWjUVGNNT4HEGR
> introspection_url =
https://server-1.gary-springfield-mo.net/realms/sso/protocol/openid-connect/token/introspect
> introspection_mode = post
> use_grant_password = yes
> debug = yes
> username_attribute = username
> pass_attrs = host=server-1:8181 proxy=y proxy_mech=xoauth2
pass=%{oauth2:access_token}
> 
> And my dovecot-oauth2.token.conf.ext
> 
> grant_url =
https://server-1.gary-springfield-mo.net/realms/sso/protocol/openid-connect/token
> client_id = dovecot
> client_secret = WtZ5uZsBi2QPfh1EWuMWjUVGNNT4HEGR
> tokeninfo_url =
https://server-1.gary-springfield-mo.net/realms/sso/protocol/openid-connect/token
> introspection_url =
https://server-1.gary-springfield-mo.net/realms/sso/protocol/openid-connect/token/introspect
> introspection_mode = post
> use_grant_password = no
> debug = yes
> username_attribute = username
> pass_attrs = pass=%{oauth2:access_token}
> 
> Do I also need to configure the dovecot-oauth2.conf.ext
> 
> 
> Sent from my iPhone

Not really.

They are just example files, you need to use the one that makes sense with your
setup and which you used for passdb oauth2.

Aki

dovecot - Dec 2022 - How to configure Dovecot with Keycloak correctly

How to configure Dovecot with Keycloak correctly

How to configure Dovecot with Keycloak correctly