From 40dbe243d977da413513bac9e959976cde718145 Mon Sep 17 00:00:00 2001 From: fpaupier Date: Tue, 14 Dec 2021 03:23:16 +0100 Subject: [PATCH] update: keycloak binding documentation (#13894) --- docs/sts/keycloak.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/docs/sts/keycloak.md b/docs/sts/keycloak.md index 1704e1c54..468dc8fa7 100644 --- a/docs/sts/keycloak.md +++ b/docs/sts/keycloak.md @@ -4,7 +4,8 @@ Keycloak is an open source Identity and Access Management solution aimed at mode ## Prerequisites -Configure and install keycloak server by following [Keycloak Installation Guide](https://www.keycloak.org/docs/latest/getting_started/index.html) (finish upto section 3.4) +Configure and install keycloak server by following [Keycloak Installation Guide](https://www.keycloak.org/docs/latest/server_installation/#installing-the-software). +For a quick installation, docker-compose reference configs are also available on the [Keycloak GitHub](https://github.com/keycloak/keycloak-containers/tree/main/docker-compose-examples). ### Configure Keycloak Realm - Go to Clients @@ -27,7 +28,7 @@ Configure and install keycloak server by following [Keycloak Installation Guide] - Save - Go to Clients - - Client on `account` + - Click on `account` - Mappers - Create - `Name` with any text 
@@ -37,7 +38,7 @@ Configure and install keycloak server by following [Keycloak Installation Guide] - `Claim JSON Type` is `string` - Save -- Open http://localhost:8080/auth/realms/minio/.well-known/openid-configuration to verify OpenID discovery document, verify it has `authorization_endpoint` and `jwks_uri` +- Open http://localhost:8080/auth/realms/{your-realm-name}/.well-known/openid-configuration to verify OpenID discovery document, verify it has `authorization_endpoint` and `jwks_uri` ### Enable Keycloak Admin REST API support Before being able to authenticate against the Admin REST API using a client_id and a client_secret you need to make sure the client is configured as it follows: @@ -116,7 +117,7 @@ MINIO_IDENTITY_OPENID_COMMENT (sentence) optionally add a comment to this Set `identity_openid` config with `config_url`, `client_id` and restart MinIO ``` -~ mc admin config set myminio identity_openid config_url="http://localhost:8080/auth/realms/minio/.well-known/openid-configuration" client_id="account" +~ mc admin config set myminio identity_openid config_url="http://localhost:8080/auth/realms/{your-realm-name}/.well-known/openid-configuration" client_id="account" ``` > NOTE: You can configure the `scopes` parameter to restrict the OpenID scopes requested by minio to the IdP, for example, `"openid,policy_role_attribute"`, being `policy_role_attribute` a client_scope / client_mapper that maps a role attribute called policy to a `policy` claim returned by Keycloak
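Review bot: In the Prerequisites hunk (`@@ -4,7 +4,8 @@`), the new sentence drops the old "finish upto section 3.4" stopping point and puts nothing in its place, so the reader no longer knows how much of the linked guide must be done before "Configure Keycloak Realm". Suggest naming the end state the following steps assume, for example a running server with an admin login, since the next step is "Go to Clients". Two smaller points on the same lines: "keycloak server" should be capitalised as "Keycloak server" to match the rest of the file, and both new links track moving targets (`/docs/latest/` and the `main` branch tree), so it is worth saying that the docker-compose configs are meant for a quick local setup.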
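Review bot: In the discovery-document hunk (`@@ -37,7 +38,7 @@`), `{your-realm-name}` is introduced inside a bare URL with no sentence telling the reader what to substitute, and the visible "Configure Keycloak Realm" steps never name a realm. Suggest wrapping the URL in backticks so it is not rendered as a broken link, and adding a short clause such as "replace `{your-realm-name}` with the realm that holds the `account` client". While touching this line, the doubled "to verify ..., verify it has" could be tightened to a single "and check that it has `authorization_endpoint` and `jwks_uri`".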
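Review bot: In the `mc admin config set` hunk (`@@ -116,7 +117,7 @@`), the placeholder now sits inside a fenced command that readers copy verbatim, so `config_url` will be set to a URL containing the literal `{your-realm-name}` and discovery will fail. Suggest adding one line above the fence saying the realm name must be replaced and must match the realm used in the discovery check earlier in the document. Since this line is the one people paste into real deployments, it is also worth noting next to it that `http://localhost:8080` is a local-testing value and that `config_url` should be an `https://` URL elsewhere, because the discovery document is where MinIO learns the `jwks_uri` used to validate tokens.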