1
votes

Hi, I'm trying to implement Google authentication in Keycloak, but when I try to log in, it throws this error. I already enabled the Google+ API and the error persists.

WARN [org.keycloak.events] (default task-126) type=LOGIN_ERROR, realmId=smarttracking, clientId=null, userId=null, ipAddress=172.18.0.1, error=identity_provider_login_failure

ERROR [org.keycloak.broker.oidc.AbstractOAuth2IdentityProvider] (default task-42) Failed to make identity provider oauth callback: org.keycloak.broker.provider.IdentityBrokerException: Could not fetch attributes from userinfo endpoint.

1 Answer

0
votes

I get the same error with an old version of Keycloak. This is because Keycloak uses a legacy endpoint to get user information: https://www.googleapis.com/plus/v1/people/me/openIdConnect.

When I tried to call this endpoint using cURL, I got this error:

curl -H "Authorization: Bearer $G_TKN"  https://www.googleapis.com/plus/v1/people/me/openIdConnect

Legacy People API has not been used in project xxxxx before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/legacypeople.googleapis.com/overview?project=xxxxx then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.

So I think you need to enable this API by following the given link.
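An added example, not part of the answer above: a small Python helper that takes the body returned by the userinfo call and reports whether the failure is a disabled API, and which API and project the message names. The function names and the JSON envelope around the message are assumptions; the message text is the one quoted in the answer.

```python
import json
import re
from urllib.parse import urlparse, parse_qs

# Constructed sample: the error text quoted in the answer, wrapped in a JSON
# envelope assumed here for illustration (the code/status values are assumptions).
SAMPLE_BODY = json.dumps({"error": {"code": 403, "status": "PERMISSION_DENIED", "message": (
    "Legacy People API has not been used in project xxxxx before or it is disabled. "
    "Enable it by visiting https://console.developers.google.com/apis/api/"
    "legacypeople.googleapis.com/overview?project=xxxxx then retry.")}})

# Only accept activation links on the console host that appears in the message.
CONSOLE_URL = re.compile(r"https://console\.developers\.google\.com/apis/api/\S+")

def extract_message(body):
    """Return the error text from a JSON body, or the body itself if plain text."""
    try:
        doc = json.loads(body)
    except ValueError:
        return body
    err = doc.get("error") if isinstance(doc, dict) else None
    if isinstance(err, dict):
        return str(err.get("message", ""))
    return err if isinstance(err, str) else body

def diagnose_userinfo_failure(body):
    """Classify a failed userinfo response (hypothetical helper)."""
    message = extract_message(body)
    match = CONSOLE_URL.search(message)
    if match is None or "disabled" not in message:
        return {"cause": "other", "api": None, "project": None, "enable_url": None}
    url = match.group(0).rstrip(".,)")
    parsed = urlparse(url)
    # Path has the form /apis/api/<api-name>/overview
    parts = parsed.path.strip("/").split("/")
    api = parts[2] if len(parts) > 2 else None
    project = parse_qs(parsed.query).get("project", [None])[0]
    return {"cause": "api_disabled", "api": api, "project": project, "enable_url": url}

if __name__ == "__main__":
    print(diagnose_userinfo_failure(SAMPLE_BODY))
```

Feed it the body printed by the curl command above; the bearer token itself is never needed by the helper and should stay out of logs.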