Keycloak Server URL {{focus-input id="keycloak-url" type="text" value=keycloakConfig.url class=(if KeycloakUrlError "form-control is-invalid" "form-control")}} e.g. http://localhost:8888/auth

Keycloak Realm {{input id="keycloak-realm" type="text" value=keycloakConfig.realm class=(if KeycloakRealmError "form-control is-invalid" "form-control")}} e.g. main

Keycloak Realm Public Key {{textarea id="keycloak-publicKey" type="text" value=keycloakConfig.publicKey rows=7 class=(if KeycloakPublicKeyError "form-control is-invalid" "form-control")}} Copy the RSA Public Key from Realm Settings → Keys

Keycloak OIDC Client ID {{input id="keycloak-clientId" type="text" value=keycloakConfig.clientId class=(if KeycloakClientIdError "form-control is-invalid" "form-control")}} e.g. account

Keycloak Group ID (Optional) {{input id="keycloak-group" type="text" value=keycloakConfig.group class="form-control"}} If you want to sync users in a particular Group (e.g. "Documize Users"), provide the Group ID (e.g. 511d8b61-1ec8-45f6-bc8d-5de64d54c9d2)

Keycloak Username {{input id="keycloak-admin-user" type="text" value=keycloakConfig.adminUser class=(if KeycloakAdminUserError "form-control is-invalid" "form-control")}} Used to connect with Keycloak and sync users with Documize (create user under Master Realm and assign 'view-users' role against Realm specified above)

Keycloak Password {{input id="keycloak-admin-password" type="password" value=keycloakConfig.adminPassword class=(if KeycloakAdminPasswordError "form-control is-invalid" "form-control")}} Used to connect with Keycloak and sync users with Documize

Disable Logout {{x-toggle value=keycloakConfig.disableLogout size="medium" theme="light" onToggle=(action (mut keycloakConfig.disableLogout))}}

Can Create Spaces {{x-toggle value=keycloakConfig.defaultPermissionAddSpace size="medium" theme="light" onToggle=(action (mut keycloakConfig.defaultPermissionAddSpace))}}

LDAP Server {{focus-input id="ldap-host" type="text" value=ldapConfig.serverHost class=(if ldapErrorServerHost "form-control is-invalid" "form-control")}} IP or host address, e.g. ldap.example.org, 127.0.0.1

LDAP Server Port {{input id="ldap-port" type="number" value=ldapConfig.serverPort class=(if ldapErrorServerPort "form-control is-invalid" "form-control")}} Port number, e.g. 389

Encryption

Base DN {{input id="ldap-baseDN" type="text" value=ldapConfig.baseDN class="form-control"}} Starting point for search filters, e.g. ou=users,dc=example,dc=com

Bind DN {{input id="ldap-bindDN" type="text" value=ldapConfig.bindDN class=(if ldapErrorBindDN "form-control is-invalid" "form-control")}} login credentials for LDAP server

Bind Password {{input id="ldap-bindPassword" type="password" value=ldapConfig.bindPassword class=(if ldapErrorBindPassword "form-control is-invalid" "form-control")}} login credentials for LDAP server

User Filter {{input id="ldap-userFilter" type="text" value=ldapConfig.userFilter class=(if ldapErrorNoFilter "form-control is-invalid" "form-control")}} Search filter for finding users, e.g. (|(objectClass=person)(objectClass=user)(objectClass=inetOrgPerson)) Specify User Filter and/or Group Filter

Group Filter {{input id="ldap-groupFilter" type="text" value=ldapConfig.groupFilter class=(if ldapErrorNoFilter "form-control is-invalid" "form-control")}} Search filter for finding users via groups, e.g. (&(objectClass=group)(|(cn=ship_crew)(cn=admin_staff)))

User Attribute RDN {{input id="ldap-attributeUserRDN" type="text" value=ldapConfig.attributeUserRDN class=(if ldapErrorAttributeUserRDN "form-control is-invalid" "form-control")}} Username/login attribute, e.g. uid in LDAP, sAMAccountName in Active Directory User Attributes used to retreive data when using User Filter

User Attribute Firstname {{input id="ldap-attributeUserFirstname" type="text" value=ldapConfig.attributeUserFirstname class=(if ldapErrorAttributeUserFirstname "form-control is-invalid" "form-control")}} Firstname attribute, e.g. givenName

User Attribute Lastname {{input id="ldap-attributeUserLastname" type="text" value=ldapConfig.attributeUserLastname class=(if ldapErrorAttributeUserLastname "form-control is-invalid" "form-control")}} Lastname attribute, e.g. sn

User Attribute Email {{input id="ldap-attributeUserEmail" type="text" value=ldapConfig.attributeUserEmail class=(if ldapErrorAttributeUserEmail "form-control is-invalid" "form-control")}} Email attribute, e.g. mail

Group Attribute Member {{input id="ldap-attributeGroupMember" type="text" value=ldapConfig.attributeGroupMember class=(if ldapErrorAttributeGroupMember "form-control is-invalid" "form-control")}} Attribute that identifies individual group member, e.g. member or uniqueMember Group Attributes used to retreive data when using Group Filter

Disable Logout {{x-toggle value=ldapConfig.disableLogout size="medium" theme="light" onToggle=(action (mut ldapConfig.disableLogout))}}

Can Create Spaces {{x-toggle value=ldapConfig.defaultPermissionAddSpace size="medium" theme="light" onToggle=(action (mut ldapConfig.defaultPermissionAddSpace))}}

Dual Login {{x-toggle value=ldapConfig.allowFormsAuth size="medium" theme="light" onToggle=(action (mut ldapConfig.allowFormsAuth))}} Enable login via LDAP and regular Documize email/password (useful for testing LDAP)

{{ui/ui-button color=constants.Color.Yellow light=true label="Test →" onClick=(action "onLDAPPreview")}} {{ui/ui-button-gap}} {{/if}} {{#if isCASProvider}}

CAS Server URL {{focus-input id="cas-url" type="text" value=casConfig.url class=(if casErrorUrl "form-control is-invalid" "form-control")}} e.g. http://localhost:8888/auth

Documize CAS URL {{focus-input id="cas-redirect-url" type="text" value=casConfig.redirectUrl class=(if casErrorRedirectUrl "form-control is-invalid" "form-control")}} e.g. http://Documize URL/auth/cas

{{/if}} {{ui/ui-button color=constants.Color.Green light=true icon=constants.Icon.Locked label=constants.Label.Activate onClick=(action "onSave")}} {{#if (gt keycloakFailure.length 0)}}

Keycloak connection failed: {{keycloakFailure}}