Nextcloud OIDC Connect user backend not working with keycloak

I am trying to set up an OIDC connection between a local instance of Nextcloud (nextcloud.example. com) and Keycloak (sso.example. com).

In Keycloak the settings for the nextcloud client are as follows and stick to the example in https://www.schiessle.org/articles/2020/07/26/nextcloud-and-openid-connect/:
client id : nextcloud.example. com
access type : confidential
standard flow: enabled
direct access grants: enabled
service accounts: enabled
authorization: enabled
valid redirect urls: https ://nextcloud.example. com/*

On the Nextcloud side of things, this is my config:
Identifier: keycloak (also tried Keycloak)
client id: nextcloud.example. com
client secret: copied from keycloak
discovery endpoint: https:// sso.example. com/auth/realms/example_realm/protocol/openid-connect
scope: openid email profile
rest is standard

Nextcloud version: Nextcloud 21.0.4

The login via Keycloak button appears but when clicked presents me with an error “Could not the reach OpenID Connect provider.”
The Nextcloud server can reach the Keycloak server, as seen in the log of the Keycloak instance:

14:24:31,158 WARN  [org.keycloak.events] (default task-1) type=LOGIN_ERROR, realmId=example_realm, clientId=null, userId=null, ipAddress=172.19.0.1, error=invalid_request

In the log of the Nextcloud instance, this is the error message:

Fatal	user_oidc	Could not reach provider at URL https://sso.example. com/auth/realms/example_realm/protocol/openid-connect

Any help would be appreciated.

User error.

Remove the space between the dot and “com” :slight_smile:

Use this discovery URL:

https://keycloak host/realms/realm/.well-known/openid-configuration
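
An offline check for the discovery endpoint setting discussed in this thread, as an added example that is not part of the original posts or of the user_oidc app. The function names, URLs and sample document are constructed for illustration; the required-field list and the issuer-match rule follow OpenID Connect Discovery 1.0.

```python
import json
from urllib.parse import urlsplit

WELL_KNOWN = "/.well-known/openid-configuration"
# Metadata fields that OpenID Connect Discovery 1.0 marks as REQUIRED.
REQUIRED = ("issuer", "authorization_endpoint", "jwks_uri",
            "response_types_supported", "subject_types_supported",
            "id_token_signing_alg_values_supported")

def check_discovery_url(url):
    """Return a list of problems with a configured discovery endpoint."""
    problems = []
    if any(ch.isspace() for ch in url):
        problems.append("URL contains whitespace")
    parts = urlsplit("".join(url.split()))  # parse with whitespace removed
    if parts.scheme != "https":
        problems.append("scheme is not https")
    if not parts.path.endswith(WELL_KNOWN):
        problems.append("path does not end with " + WELL_KNOWN)
    return problems

def check_discovery_document(url, raw_json):
    """Check a fetched discovery document against the URL it came from."""
    doc = json.loads(raw_json)
    problems = ["missing " + f for f in REQUIRED if f not in doc]
    # The issuer must equal the discovery URL minus the well-known suffix;
    # a mismatch means the document describes a different provider.
    expected = url[:-len(WELL_KNOWN)] if url.endswith(WELL_KNOWN) else None
    if doc.get("issuer") != expected:
        problems.append("issuer does not match discovery URL")
    return problems

# Constructed sample values modelled on the hostnames used in the thread.
BASE = "https://sso.example.com/auth/realms/example_realm"
BAD_URL = "https://sso.example. com/auth/realms/example_realm/protocol/openid-connect"
GOOD_URL = BASE + WELL_KNOWN
SAMPLE_DOC = json.dumps({
    "issuer": BASE,
    "authorization_endpoint": BASE + "/protocol/openid-connect/auth",
    "token_endpoint": BASE + "/protocol/openid-connect/token",
    "jwks_uri": BASE + "/protocol/openid-connect/certs",
    "response_types_supported": ["code"],
    "subject_types_supported": ["public"],
    "id_token_signing_alg_values_supported": ["RS256"],
})

if __name__ == "__main__":
    for u in (BAD_URL, GOOD_URL):
        print(u, "->", check_discovery_url(u) or "ok")
    print(check_discovery_document(GOOD_URL, SAMPLE_DOC) or "document ok")
```

To check a live provider, pass the JSON body fetched from the configured URL as `raw_json`.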