Skip to main content

Verifying credentials in KeyCloak

Go to Keycloak Admin Console
Select your realm
Navigate to Identity Providers → Add provider → OpenID Connect v1.0
Configure:

Alias: sirosid
Display Name: SIROS Credential Manager
Discovery Endpoint: https://your.verifier:8080/.well-known/openid-configuration
Client ID: keycloak (as registered above)
Client Secret: your-secret
Client Authentication: Client secret sent as post
Validate Signatures: ON
Use PKCE: ON

Configure Claim mappings

Username: sub
First Name: given_name
Last Name: family_name
Email: email
Birth Date: birthdate
Nationality: nationality