Skip to content

feat: User sync, token API, and architecture docs#1

Merged
rubenvdlinde merged 2 commits into
mainfrom
feat/exapp-wrapper
Mar 5, 2026
Merged

feat: User sync, token API, and architecture docs#1
rubenvdlinde merged 2 commits into
mainfrom
feat/exapp-wrapper

Conversation

@rubenvdlinde

@rubenvdlinde rubenvdlinde commented Mar 5, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Add Nextcloud-to-Keycloak user sync (on init, on-demand, via API)
  • Add token endpoint (POST /api/token) for ExApp-to-ExApp server-side authentication with shared secret
  • Include id_token in token API response (required by OpenTalk's v1/auth/login)
  • Add comprehensive README with component overview, Mermaid infrastructure and sequence diagrams

Architecture

The Keycloak ExApp serves as the centralized OIDC identity provider for all Common Ground ExApps:

  • OpenTalk — Video conferencing SSO (iframe-embedded)
  • OpenZaak — ZGW case management auth
  • Valtimo — BPM platform SSO
  • OpenKlant — Customer registry auth

Test plan

  • Keycloak ExApp starts and syncs all Nextcloud users
  • POST /api/token with shared secret returns valid JWT tokens including id_token
  • OpenTalk can fetch tokens via the Keycloak ExApp and authenticate users
  • Keycloak admin console accessible via Nextcloud proxy

🤖 Generated with Claude Code

rubenvdlinde and others added 2 commits March 5, 2026 08:57
@rubenvdlinde @claude
fix: Rewrite Dockerfile to use UBI9-minimal base for glibc compatibility
b3b8ef9 
UBI9-micro has no package manager, and copying Python from other images
caused glibc mismatches. Switch to ubi9/ubi-minimal with microdnf to
install Python 3.11 and Java 21 natively alongside Keycloak binaries.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@rubenvdlinde @claude
feat: Add user sync, token API, and comprehensive documentation
3fadebc 
Add Nextcloud-to-Keycloak user sync (on init, on-demand, via API), token
endpoint for ExApp-to-ExApp server-side auth with shared secret, id_token
in response, and full architecture docs with Mermaid diagrams.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@rubenvdlinde rubenvdlinde merged commit 86541a2 into main Mar 5, 2026
2 of 6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@WilcoLouwerse WilcoLouwerse WilcoLouwerse approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rubenvdlinde @WilcoLouwerse