Error at login with Keycloak third-party authentication

Hello :wave:

I’m currently trying to implement third-party authentication using Keycloak, I’ve activated the keycloak OAuth2 backend provided by python-social-auth, I’m able to select my OAuth Provider in the login page and then provide my credentials in the keycloak form.

Then when the authentication is completed I’m redirected to the edX login page with the following error message :

An error occurred when signing you in to My Open edx.
We are sorry, you are not authorized to access My Open edx via this channel. Please contact your learning administrator or manager in order to access My Open edx.

Error Details:
Authentication failed: HTTPConnectionPool(host=‘localhost’, port=8080): Max retries exceeded with url: /auth/realms/ippon/protocol/openid-connect/token (Caused by NewConnectionError(’<urllib3.connection.HTTPConnection object at 0x7f8817920e50>: Failed to establish a new connection: [Errno 111] Connection refused’))

On the keycloak side, the logs say the login is successful. It seems like Open edX is blocking something :confused:

What am I missing ? I’ve followed this doc section to integrate my keycloak identity provider.

Thank for your help ! :slight_smile:

I halve solved the error, the keycloak was on a docker container and wasn’t in the same network as openedx.

However I’ve now a new error

An error occurred when signing you in to My Open edx.

We are sorry, you are not authorized to access My Open edx via this channel. Please contact your learning administrator or manager in order to access My Open edx.

Error Details:
Your credentials aren’t allowed

Any idea ?