Yes! It’s works fine! I want to clarify that it is necessary to set the openid_connect_rp_initiated_logout_redirect variable.
@david I have one more question. Important question.
Now I’m in the final stages of testing Keycloak SSO, I need to choose a protocol - SAML or Openid Connect.
I liked Openid Connect better, but right now I have found an annoying problem with creating new users when using Openid Connect.
To understand the problem, I’ll start from the other side. When a new forum user is created using SAML, the user is created in SSO and transparently submitted for creation in Discourse. And it is immediately activated - this is important!
That is, when I click “Sign Up” on the Discourse forum, I go to Keycloak, where I create a user, confirm his mail, etc. After that, I am moved to the Discourse forum, where the user has already been created and ACTIVATED, automatically:
But if I use the Openid Connect plugin, then, when creating a new user, the following window appears:
This is extremely inconvenient! What for? After all, the user’s mail has already been confirmed when creating an account on SSO. Is there any way to get rid of this window?
Thank you very much in advance!