Keycloak Integration

[ManuGeodis]

Environment

Other (Specify below)

System

Kubernetes- Helm

Version

3.1.1

Describe the problem

I'm attempting to integrate Keycloak authentication with Dashy but cannot use a public client configuration due to organizational security requirements.

Current Situation:

According to the documentation, Dashy's Keycloak integration only supports public clients:

appConfig:  auth:    enableKeycloak: true    keycloak:      serverUrl: 'https://keycloak.example.com'      realm: 'my-realm'      clientId: 'dashy'
The configuration schema does not accept a clientSecret property, which is required for confidential client authentication.

Requirements:

We have a Keycloak confidential client with both clientId and clientSecret
Our security policies require using confidential clients instead of public clients
We need to authenticate users via Keycloak using the client credentials flow
Questions:

Does Dashy support Keycloak confidential clients with client secret authentication?
If not, is this feature planned for future releases?
Are there any alternative authentication mechanisms that support client secrets?
Environment:

Dashy version: 3.1.1
Deployment: Kubernetes/Helm
Additional Context:

When attempting to add clientSecret to the configuration, I receive a validation error:

/appConfig/auth/keycloak must NOT have additional properties (clientSecret)
Any guidance or workaround would be appreciated.

Additional info

No response

Please tick the boxes

• You have explained the issue clearly, and included all relevant info
• You are using a supported version of Dashy
• You've checked that this issue hasn't already been raised
• You've checked the docs and troubleshooting guide
• You agree to the code of conduct