From cd85150edaf8d73dc2d476253f686736aeb2a62a Mon Sep 17 00:00:00 2001 From: Michael Joseph Walsh Date: Thu, 14 Jan 2021 14:48:10 -0500 Subject: [PATCH] Update keycloak-idp.md Correction to the documentation to address #2282. --- docs/keycloak-idp.md | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/docs/keycloak-idp.md b/docs/keycloak-idp.md index 23f3eb08..80f1013e 100644 --- a/docs/keycloak-idp.md +++ b/docs/keycloak-idp.md @@ -26,6 +26,9 @@ Next, click save, get the client secret generated by Keycloak and start filling ![Keycloak client secret](images/keycloak-secret.png) +Set the following in the docker-compose file: + + ```yaml - OAUTH2_GENERIC_APP_SECRET= - OAUTH2_GENERIC_CLIENT_SITE=http://:10081 @@ -35,7 +38,19 @@ Next, click save, get the client secret generated by Keycloak and start filling - OAUTH2_GENERIC_CLIENT_END_SESSION_ENDPOINT=http://:10081/auth/realms/master/protocol/openid-connect/logout ``` -Make sure the following variables are filled in the docker-compose file: +`` is the IP address of your keycloak for this example this would be your IP address, but if your Keycloak existed elsewhere `` would be different for your deployment as would the port and the realm. + +The following must also be configured: + +``yaml + - OAUTH2_GENERIC_USER_UID='username' + - OAUTH2_GENERIC_USER_NAME='full name' + - OAUTH2_GENERIC_USER_EMAIL='email' +``` + +The values set may be different for your deployment. + +Also, make sure the following variables are filled in the docker-compose file: ```yaml - GITLAB_HOST='' 
@@ -46,9 +61,10 @@ Make sure the following variables are filled in the docker-compose file: - OAUTH_BLOCK_AUTO_CREATED_USERS=false - OAUTH_AUTO_LINK_LDAP_USER=false - OAUTH_AUTO_LINK_SAML_USER=false - - OAUTH_EXTERNAL_PROVIDERS=Keycloak ``` +`` is the IP address of your GitLAB for this exampke this would be the your IP address, but if your GitLab was to be proxied or deployed elsewhere `` would be another value appropriate for your deployment. + GitLab does not allow login from users in Keycloak with an empty email or name. To prevent this, you can create a new user in Keycloak or you can add email and name for the admin account. Visit the `Users` tab and click on `View all users` to modify the Admin user. @@ -62,4 +78,4 @@ Deploy GitLab, Reddis and PostgreSQL by running the following command: `docker-c You can now login on the local GitLab instance with with Keycloak on your [local IP](http://localhost:10080). -![gitlab-login](images/keycloak-gitlab-login.png) \ No newline at end of file +![gitlab-login](images/keycloak-gitlab-login.png)
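
Review bot: In the first hunk (@@ -26,6 +26,9), the new lead-in "Set the following in the docker-compose file:" introduces a block that carries OAUTH2_GENERIC_APP_SECRET and whose visible endpoints are plain http://, but nothing marks this as a local-only example. Add a sentence saying that a non-local deployment should use https for the Keycloak endpoints and should keep the client secret out of a committed compose file. The hunk also adds two blank lines before the fence where one is enough.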
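
Review bot: In the second hunk (@@ -35,7 +38,19), the added block for the OAUTH2_GENERIC_USER_* variables opens with two backticks followed by yaml but closes with three, so it will not render as code and the stray closing fence will open a code block over the text that follows. Open it with three backticks. As shown here, the placeholder in the sentence before it is an empty pair of backticks in both places, so the reader cannot tell what to substitute; write the placeholder name in a form the renderer keeps. That sentence is also a run-on: end it after "your keycloak" (capitalised as Keycloak) and start a new sentence at "for this example".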
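
Review bot: In the third hunk (@@ -46,9 +61,10), the line OAUTH_EXTERNAL_PROVIDERS=Keycloak is dropped with no explanation in the document, and the commit message only points at #2282. That setting decides whether users who sign in through the provider are treated as external users, so state in the text or the commit message why it is removed. The added sentence below the fence has typos ("GitLAB", "exampke", "the your IP address"), and its placeholder is again an empty pair of backticks.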
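
Review bot: In the last hunk (@@ -62,4 +78,4), the context lines still read "Reddis" and "login on the local GitLab instance with with Keycloak" while the only change is the trailing newline after the image. Since the end of the file is already being touched, correct both to "Redis" and a single "with" in the same patch.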