Keycloak Authentication
Enable Keycloak authentication
Create Keycloak user if it does not exist
Enable Two-factor authentication
You need to add the TOTP (6 digits) to the password when logging in
Keycloak server URL
Keycloak Realm
Client ID
Client Secret
OAuth Scope
Roles token attribute
Access token attribute with the list of roles. Seperate keys with a '.' if the role list is part of a nested object.
Username token attribute
Access token attribute with the username
Allow users without a role to log in
Enable access to all libraries
Enable access to certain libraries by default
Add library access to certain users by giving them the 'lib-<ID>' role
Save