Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[DOCS-7765] Unable to edit process when using APS with IDS in Docker #1606

Merged
merged 2 commits into from
Nov 25, 2024
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions process-services/2.4/config/authenticate.md
Original file line number Diff line number Diff line change
Expand Up @@ -42,8 +42,8 @@ Configure the `activiti-identity-service.properties` file using the below proper
|keycloak.public-client| *Optional.* The adapter will not send credentials for the client to the Identity Service if this is set to `true`.|
|keycloak.credentials.secret| *Optional.* The secret key for this client if the access type is not set to `public`.|
|keycloak.always-refresh-token| *Required.* The token will be refreshed for every request if this is set to `true`.|
|keycloak.autodetect-bearer-only| *Required.* This should be set to true if your application serves both a web application and web services. It allows for the redirection of unauthorized users of the web application to the Identity Service sign in page, but send a HTTP 401 to unauthenticated SOAP or REST clients.|
|keycloak.token-store| *Required.* The location of where the account information token is stored. Possible values are `cookie` or `session`. **Note:** If you have Process Services configured with the Identity Service you must use the value `cookie` otherwise upon logging out of Process Services a user will be redirected to an error page, for more see [Run Identity Service with Process Services]({% link identity-service/latest/config/index.md %}#run-identity-service-with-process-services).|
|keycloak.autodetect-bearer-only| *Required.* This should be set to true if your application serves both a web application and web services. It allows for the redirection of unauthorized users of the web application to the Identity Service sign in page, but send a HTTP 401 to unauthenticated SOAP or REST clients. When setting `keycloak.autodetect-bearer-only` to `true`, the property `keycloak.token-store` needs to be set to `session`.|
|keycloak.token-store| *Required.* The location of where the account information token is stored. Possible values are `cookie` or `session`. If you want to set `keycloak.token-store` with `cookie`, you will need to set `keycloak.autodetect-bearer-only` to `false`. **Note:** For more see [Run Identity Service with Process Services]({% link identity-service/latest/config/index.md %}#run-identity-service-with-process-services).|
|keycloak.enable-basic-auth| *Optional.* Whether basic authentication is supported by the adapter. If set to `true` then a secret must also be provided.|
|activiti.use-browser-based-logout| *Optional.* Sets whether signing out of Process Services calls the Identity Service `logout URL`. If set to `true`, set the **Admin URL** to `https://{server}:{port}/activiti-app/` under the client settings in the Identity Service management console.|
|activiti.identity-service.cookie-auth-enabled| *Optional.* When set to `true` enables cookie-based authentication that will work alongside the Identity Service authentication.|
Expand Down