Does anyone already have experience in linking ErpNext and any SSO?
If yes could you please guide me a bit which way to look?
It’s quite strange and funny, but I couldn’t find any relevant and up-to-date info on this topic.
I saw several messages with different ideas like: create separate python-app for SSO or using Keycloak and try to connect to ErpNext but no any detailed and confirmed info.
Do we have in ErpNext any SSO options out-of-box?
If no then could you please recommend me how I can do it by myself?
Or do we have plan to add such functionality?
hi there!
I found out that looks like it’s possible to link Keycloack and Erpnext via Custom Social Login.
And I tried to connect them together.
But I faced a strange problem and got an error.
I tried it quite a few times with different settings but every time I faced similar error.
x
Traceback (most recent call last):
File "apps/frappe/frappe/website/serve.py", line 18, in get_response
response = renderer_instance.render()
File "apps/frappe/frappe/website/page_renderers/template_page.py", line 84, in render
html = self.get_html()
File "apps/frappe/frappe/website/utils.py", line 510, in cache_html_decorator
html = func(*args, **kwargs)
File "apps/frappe/frappe/website/page_renderers/template_page.py", line 95, in get_html
self.update_context()
File "apps/frappe/frappe/website/page_renderers/template_page.py", line 163, in update_context
data = self.run_pymodule_method("get_context")
File "apps/frappe/frappe/website/page_renderers/template_page.py", line 225, in run_pymodule_method
return method(self.context)
File "apps/frappe/frappe/www/login.py", line 82, in get_context
"auth_url": get_oauth2_authorize_url(provider.name, redirect_to),
File "apps/frappe/frappe/utils/oauth.py", line 63, in get_oauth2_authorize_url
flow = get_oauth2_flow(provider)
File "apps/frappe/frappe/utils/oauth.py", line 91, in get_oauth2_flow
oauth2_providers = get_oauth2_providers()
File "apps/frappe/frappe/utils/oauth.py", line 42, in get_oauth2_providers
out[provider.name]["auth_url_data"] = json.loads(provider.auth_url_data)
File "/usr/local/lib/python3.10/json/__init__.py", line 346, in loads
return _default_decoder.decode(s)
File "/usr/local/lib/python3.10/json/decoder.py", line 337, in decode
obj, end = self.raw_decode(s, idx=_w(s, 0).end())
File "/usr/local/lib/python3.10/json/decoder.py", line 355, in raw_decode
raise JSONDecodeError("Expecting value", s, err.value) from None
json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)
sorry.
I did it quite long ago, but if I am not mistaken then settings on my screen are correct and you need
just set similar ones but with Links from your keycloak system.
Also you should set up keycloak properly
Usually status 401 means like:
401 Unauthorized response status code indicates that the client request has not been completed because it lacks valid authentication credentials for the requested resource .
It shows that looks like some credentials are incorrect.
Did you try to connect keycloak to any other app? (not ERPNext)
Do you have experience in it? (or just first time?)
Also did you check logs in Erpnext? Usually you can find what’s wrong from them.