Identity Provider based on Keycloak for API

Hello Adam,

we have a central Identity Provider based on Keycloak for all our Apps and Services. (API)

We are now trying to attach further Services from the Microsoft Stack to this identity provider.
We can do this with Python + FastAPI or Powershell Universal.

Is there a documented and supported way to authenticate via external Keycloak Provider to use / execute Powershell Universal API Endpoints.

I found this topic but im not sure if this is the right way to go.

So I was able to get this working. It’s not exactly the same as that document, since that document outlines setting up full OpenID for interactive user access to the portal UI, right? For that I’d rather just use SAML or something. In my case, I just configured the appsettings.json similarly to what was outlined in the blog. I just updated the jwt object like so: “Jwt”: { “Issuer”: “https://login.microsoftonline.com/{{TenantID}}/v2.0”, “Audience”: “”, “DiscoveryDocument”: “https://login.…

If yes how claims / permissons or other stuff can be mapped to correct endpoint.

Regards,
Tyler