Rocket.Chat's Community Open Call 🎤 Jan 19th, 2022 Join us!

Automatic user authentication to Rocket.Chat iframe using Keycloak

Description

I’ve recently integrated a Rocket.Chat instance (running on Kubernetes) into an application via an iframe, and used the Keycloak OAuth guide to log the users into the Rocket.Chat instance using the same Keycloak client as the main application (I skipped creating a new client and just used the existing one). This works well enough, but I would like the login to the Rocket.Chat iframe to be seamless, without having to click on the “Login with Keycloak” button. Meaning that once the user logs into the app, and enters the chat page, the login would happen automatically.

I’ve looked at some of the documentation pages such as the Single Sign-on Iframe page, but none of them seem to offer a definitive solution for automatic Keycloak / OAuth login.

Specifically, the above page appears to offer some kind of solution with opening an endpoint for fetching a login token, but that seems to me like overkill for what looks like a relatively simple issue to solve once you have some sort of OAuth running already.

Server Setup Information

Deployed using Helm, with the image rocketchat-3.1.0. Running 1 replica set.

Any additional Information

Any help with this matter would be greatly appreciated and I would be happy to provide further details upon questioning. Thanks!