Skip to content

Keycloak Setup

Overview

Keycloak integration setup for OVES Access Management.

Prerequisites

  • Java 11 or higher
  • Docker (optional)
  • PostgreSQL database

Installation Steps

1. Docker Installation

docker run -p 8080:8080 -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin quay.io/keycloak/keycloak:latest start-dev

2. Configuration

  1. Access Keycloak admin console at http://localhost:8080
  2. Create new realm for OVES
  3. Configure identity providers
  4. Set up user federation

Integration with OVES

Client Configuration

{
  "client_id": "oves-access-management",
  "client_secret": "your-secret-here",
  "redirect_uri": "http://localhost:3000/auth/callback"
}

User Mapping

Map Keycloak user attributes to OVES user properties:

  • email → User email
  • groups → OVES roles
  • sub → User ID

Testing

Verify integration by:

  1. Logging in through Keycloak
  2. Checking user role assignments
  3. Testing resource access permissions

For detailed configuration, see Azure AD Setup for comparison.