Configuring Keycloak

Before configuring, ensure that Keycloak is up and running. By default, you can access the Admin Console at: http://localhost:8180.

Default credentials:

username: admin

password: admin

Manual Configuration

Below are the steps to configure Keycloak.

  1. Create Realm
    1. Open the Keycloak Admin Console.
    2. Click on the Keycloak dropdown and select Keycloak master.
    3. Click Create realm.

    4. Create a realm window that will appear.
    5. Enter Realm name (myrealm).
    6. Click Create.

    7. Realm has been created successfully.
  2. Create a Client
    1. Open the Keycloak Admin Console (http://localhost:8180/).
    2. Click on the Keycloak dropdown menu and select myrealm.
    3. Click Clients.
    4. A Client's window will appear.
    5. Click Create client.

    6. Enter the Client type and Client ID names in the general settings.

      Example:

      Client type: OpenID

      Connect Client ID: demo

    7. Click Next.
    8. Select the Direct access grants checkbox in the authentication flow.
      Note:
      • Don’t enable Client authentication.
      • You can select/enable the other options as per your requirement.

    9. Click Next and Save.
    10. Client has been created successfully.
  3. Create a Role
    1. Click Clients in the left-hand menu.
    2. Select the created client (e.g., demo).

    3. Navigate to the Roles tab.
    4. Click on Create role.

    5. Enter the Role name (USER) and Description of the role.

    6. Click Save.
    7. Role has been created successfully.
  4. Create a User
    1. Click Users in the left-hand menu.
    2. Click Create new user.

    3. Enter the following details:
      • Username
      • First name
      • Last name
      • Email

    4. Click Create.
    5. User has been created successfully.
  5. Set User Credentials.
    1. Click Users in the left-hand menu.
    2. Select the created user.

    3. Go to the Credentials tab.
    4. Click on Set Password.

    5. Enter the following details:
      • Password
      • Password confirmation
      • Temporary: disable the toggle button if you don't want to reset the password on the first login.

    6. Click Save.
    7. User credentials have been set successfully.
  6. Assign role to User (Optional – for RBAC)
    1. Click Users in the left-hand menu.
    2. Click on the created user.
    3. Go to the Role mapping tab.
    4. Click on Assign role.

    5. Assign roles to the user window that will appear.
    6. Search for the required role.
    7. Select the required role checkbox.

    8. Click on the Assign.
    9. A role has been successfully assigned to the user.
  7. Verify Configuration Endpoints
    1. Select the realm (myrealm) you created.
    2. Click on Realm settings under Configure in the left-hand menu.
    3. A settings window will appear.
    4. Click OpenID Endpoint Configuration link in the Endpoints.

    5. Now, the user can see the issuer URL as highlighted in the image.

Note:
The user needs to keep the issuer URL and client ID safe for future references, like while enabling the SSO.

Now, the configuration of the Keycloak setup has been successfully completed.

Import Realm Configuration

Instead of manual setup, you can import the pre-configured realm file provided below by following the steps below.

Steps to Import the Realm file:

  1. Open the Keycloak Admin Console.
  2. Click on the Keycloak dropdown and select Keycloak master
  3. Click on Create Realm
  4. Select Browse…
  5. Select the attached file.
  6. Click on Create.
  7. Now, the Realm has been imported successfully.
realm-export.json