Configuring Azure Entra ID as an IdP in Keycloak: A Detailed Guide
This article provides a comprehensive guide on configuring Azure Entra ID (formerly Azure Active Directory) as an Identity Provider (IdP) in Keycloak for a Spring Boot WebFlux application. It details the steps involved in both Azure and Keycloak configurations, including application creation, OpenID Connect setup, client secret and redirect URI configuration, and mapping Azure groups to Keycloak roles for user authorization. The author shares crucial tips and workarounds, such as switching the Azure interface to English for clearer terminology and selecting the appropriate IdP type in Keycloak. The guide culminates in a fully functional authentication and authorization flow, with a detailed explanation of including roles in the JWT token for backend access.