KeyCloak SSO R&D

Created main group for the Adventure Ted family. Then, created child groups for separate departments. This allowed easier role assignment through inheritance.

(This process outlines the steps to create a default role mapping for typical end user access)

 (Assigning the composite role just created allows basic access for all users in child groups of Adventure Ted)

Next order of business left here for direction for myself or Ron

Oauth2 compose.yaml example

nginx.conf example to proxy all subdomains to oauth2

keycloak configuration once the other two are set up…

Seems we may have to create a realm per department, or find some other solution within to have each dept go to their respective resources. will continue digging.

Ts stuff is proving to be quite a pain. Perhaps and overhaul to a different solution. If only I had friends :C (I'm so alone)