fix(univention-management-stack): Bump Keycloak Extensions chart and configure the /univention/meta.json to be retrieved from ums-stack-gateway to avoid the inline 404 during Keycloak login.

2025-12-07 07:51:38 +01:00 · 2024-02-27 11:52:01 +01:00
parent 8807b24ce0
commit 2023d5bce4
3 changed files with 17 additions and 4 deletions
--- a/docs/components.md
+++ b/docs/components.md
@@ -113,8 +113,13 @@ The Filestore can be enabled on a per-project level in OpenProject's project adm
 # Identity data flows

 An overview of
- components that consume the LDAP service. Mostly by using a dedicated LDAP search account.
- components using Univention Keycloak as identity provider (IdP). If not otherwise denoted based on the OAuth2 / OIDC flows.
+- components that consume the LDAP service.
+  - The components accessing the LDAP using a component specific LDAP search account.
+- components using Univention Keycloak as identity provider (IdP).
+  - If not otherwise denoted the components make use of OAuth2 / OIDC flows.
+  - All components have a client configured in Keycloak, except for Jitsi which is using authentication with the
+    [Authorization Code Flow](https://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth) that does not
+    require an OIDC client to be configured in Keycloak.

 Some components trust others to handle authentication for them.