You are viewing the RapidMiner Go documentation for version 9.9 - Check here for latest version
Keycloak
Keycloak is an open source Identity and Access Management solution that can be used to authenticate RapidMiner Go users.
To find out more about Keycloak, visit: https://www.keycloak.org/
When using Keycloak, the RMID component of Go is not needed.
Configuration
Edit the .env
file to add the URL of your Keycloak installation: KEYCLOAK_URL=https://keycloak.mydomain.com
The KEYCLOAK_URL cannot be localhost
because it needs to be accessible from inside the AM docker container.
You can create the sample Go
realm by importing the realm file at keycloak/realm-export.json
This realm contains two OIDC clients - go-frontend
and go-backend
.
It also has 2 predefined roles:
go:user
- the default user roleam:admin
- admin role needed to access the automodeler Admin UI at/am/admin
Docker-compose configuration
You can find a sample docker-compose configuration in docker-compose-services-keycloak.yml
.
To enable Keycloak authentication in Go add keycloak
to Spring active profiles for the Automodeler service:
rapidminer-automodeler:
image: rapidminer/rapidminer-automodeler:${IMAGE_TAG_AM}
mem_limit: ${MEMORY_AM}
environment:
SPRING_PROFILES_ACTIVE: on-prem,db-postgresql,branding,keycloak
Here are some of the variables you might need to set:
KEYCLOAK_REALM: Go
KEYCLOAK_AUTH_SERVER_URL: ${KEYCLOAK_URL}/auth/
KEYCLOAK_RESOURCE: go-backend
FRONTEND_KEYCLOAK_CLIENT_ID: go-frontend