DEV Community

Felipe Mattioli
Felipe Mattioli

Posted on

1

Feijuca.Auth - Part 1: Configuring the tool

Feijuca.Auth overview:
Feijuca.Auth is a solution designed to simplify integration with Keycloak, providing a NuGet package and an API with endpoints related to authentication, authorization, access control management (RBAC), client and realm creation, client scope creation, and more. Feijuca.Auth.Api also allows you to use Keycloak in a multitenant context, where each realm is treated as a separate tenant. For full documentation, refer to the Feijuca.Auth guide.

Practical example: If you want to see how the API will look after completing the configurations, check out the Swagger definition. Many endpoints require a token for access. To use the API effectively, ensure you follow the configuration steps outlined below.

Steps to setting up Feijuca.Auth.Api:

Configure the Master Realm: In the Keycloak Admin, create a client with permissions to manage the realm. This allows Feijuca.Auth to generate access tokens and execute actions based on your needs. Details about how to do it can be found here.
Feijuca.Auth performs no actions autonomously. Every operation is initiated by you through using the endpoints.

Configure Feijuca.Auth.Api: This second configuration involves specifying the URL, Client ID, and Client Secret that were previously created. Here's a breakdown of the process: 
The credentials are stored in a MongoDB database set up by you, ensuring secure and consistent storage of this sensitive data. 
Does not have a mongodb instance? You can create one free using MongoDB Atlas.
Currently, a MongoDB connection string needs to be provided. However, if you'd like to contribute to the project and change it to add support to a database of your choice, feel free to contribute :)

Environment Variable for Connection: The connection string related to the created database is provided as an environment variable when starting the container with the Feijuca docker image. This ensures that the Feijuca container can access the database to retrieve the necessary configuration and generate tokens with the correct permissions to handle the realms.
Details about this step can be found here.

Restarting the container: After using the configuration endpoint, you need to restart the Feijuca container. This ensures that Feijuca applies configurations based on the saved information. Once restarted, Feijuca is ready to perform actions on your realm.
On Feijuca.Auth project, a realm can be referred to as a tenant, as Feijuca.Auth supports multitenant usage in Keycloak. For each request, the target realm/tenant must be specified via a header.

Example Usage:
To use the /users/login endpoint, specify the desired realm name (tenant) in the request header. This determines where the action will be performed.

/Header definition/

CURL example of a request made using Feijuca.Auth.Api

If you have any questions while reading this article, please refer to the documentation, where you will find a detailed step-by-step guide explaining the actions precisely. This article is intended only to provide a brief overview of the Feijuca.Auth configuration process.

API Trace View

Struggling with slow API calls? đź‘€

Dan Mindru walks through how he used Sentry's new Trace View feature to shave off 22.3 seconds from an API call.

Get a practical walkthrough of how to identify bottlenecks, split tasks into multiple parallel tasks, identify slow AI model calls, and more.

Read more →

Top comments (0)

Sentry image

See why 4M developers consider Sentry, “not bad.”

Fixing code doesn’t have to be the worst part of your day. Learn how Sentry can help.

Learn more

đź‘‹ Kindness is contagious

Please leave a ❤️ or a friendly comment on this post if you found it helpful!

Okay