Single Sign-On (SSO) Login into Prestashop with Keycloak using OAuth 2.0

Prestashop OAuth Client module allows you to perform secure Single Sign-On (SSO) into your Prestashop store using Keycloak as OAuth provider. Configure Prestashop OAuth Client for user authentication which verifies the identity of a user attempting to gain access to Prestashop with Keycloak Login. Prestashop OAuth Client Single Sign-On (SSO) module also configures custom providers and standard IDPs. It supports advanced Single Sign-On (SSO) features such as user profile Attribute mapping, Role mapping, etc. Here we will go through a guide to set up Prestashop OAuth Client with Keycloak login credentials. Adding Keycloak OAuth & OpenID connect Single Sign-On (SSO) to Prestashop lets your users quickly and securely log in to your Prestashop store with Keycloak login without having to remember a username and password.

Pre-requisites: Download And Installation

You need to download and install the miniOrange OAuth Client plugin to set up Single Sign-On with your Prestashop Store.

Steps to configure Prestashop OAuth Login with Keycloak

1. Setup Keycloak as OAuth Provider

• In the miniOrange PrestaShop OAUTH SP SSO plugin, navigate to Oauth Redirect URL section. Here, you can find Oauth Redirect URL required to configure the Keycloak as IdP (Identity Provider).
• In your Keycloak Admin console, select the realm you want to use.
• Click on Clients from the left menu and then click on Create button to create a new client/application.


• Enter Client ID and select Client type as Openid-Connect and select Next.



• Click on the toggles for Make the Client authentication and Authorization and select Standard flow and Direct access grants in Authentication flow.


• Click on Save.


• Enter Valid Redirect URI: Copy callback URL from plugin and copy the same (callback URL) for Root URL then click on SAVE.


• Client Secret: Go to Clients section and select Credentials tabs and copy the Client Secret.


• Add User: We need to add users to realm who will be able to access the resources of realm. Click on Users and select Create user.


• Required user actions (optional): Select the required user action.
• Groups (optional): Select the user whom you want to add in group. Select Groups option from tab and then select the group-name and click on Join Groups.
• User Configuration: After user is created a password is needed to be set for the user. To set a password click on Credentials and set your desired Password for the user. Click on Save.



NOTE : Disabling Temporary will make user password permanent.

• Map User: Click on Role Mapping and assign the user desired role from available roles and click on Assign.



You have successfully configured Keycloak as OAuth Provider into your Prestashop Store.

2. Setup Prestashop as OAuth Client

• Navigate to Realm Settings, click on OpenID Endpoint Configuration mentioned as Endpoints in the General tab.


• Copy the token endpoint and userinfo_endpoint.


• Go to the OAuth Client section in the module and enter the following details:

Keycloak OAuth Endpoints and Scope:




OAuth Client ID	Enter the value copied from Keycloak in the previous steps
OAuth Client Secret	Enter the value copied from Keycloak in the previous steps
OAuth Scope	openid
OAuth Redirect callback	Enter the value copied from Keycloak
OAuth Token endpoint	Enter the value copied from Keycloak
OAuth user info endpoint	Enter the value copied from Keycloak



• Click on Save to save the configuration.

3. Testing SSO

• Once you Save the configuration, Enable SSO for Back office and Enable SSO for Front office toggles and the click on Update button. Click on Test Configuration to test the SSO.

You've successfully configured Prestashop as OAuth Client to securely gain access to the Prestashop store with Keycloak OAuth & OpenID connect sign-in. Prestashop OAuth Client module improves the Prestashop login process for user authentication.

Additional Resources

• What is Single Sign-On (SSO)?
• Single Sign On (SSO) For Prestashop
• Prestashop OAuth SSO
• Prestashop Keycloak SSO using SAML
• Frequently Asked Questions (FAQs)
• Prestashop OAuth SSO using PKCE
• Frequently Asked Questions (FAQs)