diff --git a/README.rst b/README.rst index 4954ec7..a127218 100644 --- a/README.rst +++ b/README.rst @@ -234,13 +234,19 @@ Setup Plone as a client * ``Use deprecated redirect_uri for logout url(/Plone/acl_users/oidc/logout)`` checked. Use this if you need to run old versions of Keycloak. - **Tip:** Leave the rest at the defaults, unless you know what you are doing. + * ``Open ID scopes to request to the server``: this depends on which version of Keycloak you are using, and which scopes are available there. + In recent Keycloak versions, you *must* include ``openid`` as scope. + Suggestion is to use ``openid`` and ``profile``. + + * **Tip:** Leave the rest at the defaults, unless you know what you are doing. * Click ``Save``. **Plone is ready done configured!** -[TODO] screenshot. +See this screenshot: + +.. image:: docs/screenshot-settings.png *Warning:* @@ -358,4 +364,4 @@ The project is licensed under the GPLv2. .. _`collective.regenv`: https://pypi.org/project/collective.regenv/ .. _`Products.mcdutils`: https://pypi.org/project/Products.mcdutils/ -.. _PKCE: https://datatracker.ietf.org/doc/html/rfc7636 \ No newline at end of file +.. _PKCE: https://datatracker.ietf.org/doc/html/rfc7636 diff --git a/docs/screenshot-settings.png b/docs/screenshot-settings.png new file mode 100644 index 0000000..da7eec8 Binary files /dev/null and b/docs/screenshot-settings.png differ diff --git a/setup.cfg b/setup.cfg index 4db9721..07e1dc0 100644 --- a/setup.cfg +++ b/setup.cfg @@ -1,9 +1,12 @@ [check-manifest] ignore = *.cfg + *.txt .coveragerc .editorconfig .gitattributes + .gitlab-ci.yml + tox.ini [isort] # black compatible isort rules: