Saturday 16 September 2023

KeyCloak Installation and Basic Configuration::

 Installation::

========================

Download Keycloak from keycloak.org/downloads

 wget https://github.com/keycloak/keycloak/releases/download/22.0.3/keycloak-22.0.3.tar.gz

 tar -zxvf keycloak-22.0.3.tar.gz


Create a self-signed certificate for Keycloak

openssl req -newkey rsa:2048 -nodes -keyout keycloak-server.key.pem -x509 -days 3650 -out keycloak-server.crt.pem

Copy the key and cert to /usr/share/ssl-cert/

cd keycloak-22.0.3

cd conf

Edit keycloak.conf to update the hostname, certificate and key location for a production environment. As this is a test environment, I am using a self-signed certificate and the server's local IP address.

https-certificate-file=/usr/share/ssl-cert/keycloak-server.crt.pem

https-certificate-key-file=/usr/share/ssl-cert/keycloak-server.key.pem

hostname=172.16.22.136


Go to Keycloak/bin and run the build and startup commands below

./kc.sh build

nohup ./kc.sh start &
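
Before starting the server, the TLS settings written to keycloak.conf in the steps above can be sanity-checked. The script below is an added example, not part of the original post: the function names are hypothetical, and it assumes bash and the openssl command-line tool.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): pre-flight check of the TLS
# settings in keycloak.conf. Function names are hypothetical.

# conf_value FILE KEY: print the value of the last "KEY=value" line in FILE.
conf_value() {
  sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1
}

# check_keycloak_tls FILE: print findings, return the number of failed checks.
check_keycloak_tls() {
  local conf=$1 cert key host opt fails=0
  cert=$(conf_value "$conf" https-certificate-file)
  key=$(conf_value "$conf" https-certificate-key-file)
  host=$(conf_value "$conf" hostname)
  if [ ! -r "$cert" ] || [ ! -r "$key" ]; then
    echo "FAIL: certificate or key file missing or unreadable"; return 1
  fi
  # The key was written with -nodes (unencrypted), so its file mode is the
  # only thing protecting it: group/other must have no access.
  if [ "$(ls -ln "$key" | cut -c5-10)" != "------" ]; then
    echo "FAIL: $key is accessible to group/other"; fails=$((fails + 1))
  fi
  # Certificate and private key must carry the same public key.
  if [ "$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null)" != \
       "$(openssl pkey -in "$key" -pubout 2>/dev/null)" ]; then
    echo "FAIL: certificate does not match the private key"; fails=$((fails + 1))
  fi
  # -checkend exits non-zero if the certificate expires within N seconds.
  if ! openssl x509 -in "$cert" -noout -checkend 2592000 >/dev/null 2>&1; then
    echo "FAIL: certificate expires within 30 days"; fails=$((fails + 1))
  fi
  # hostname= must be covered by the certificate. An IP address is matched
  # only against subjectAltName entries, never against the CN.
  case $host in
    *[!0-9.]*) opt=-checkhost ;;
    *) opt=-checkip ;;          # digits and dots only: treat as IPv4
  esac
  if [ -n "$host" ] && ! openssl x509 -in "$cert" -noout "$opt" "$host" 2>/dev/null |
      grep -q "does match"; then
    echo "FAIL: certificate does not cover hostname=$host"; fails=$((fails + 1))
  fi
  return "$fails"
}

# Usage: ./check-keycloak-tls.sh conf/keycloak.conf
if [ "$#" -gt 0 ]; then check_keycloak_tls "$1"; fi
```

A certificate created without a subjectAltName entry for the server IP fails the last check, which is also how strict TLS clients treat it.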


Configuration::

==============================

For Keycloak server configuration, follow the server administration documentation at https://www.keycloak.org/docs/latest/server_admin/

Initially, log in to Keycloak as the admin user. You can create the admin user and password from the console or set them through environment variables:

KEYCLOAK_ADMIN=admin
KEYCLOAK_ADMIN_PASSWORD=password

Create a new realm from the Create Realm menu. A realm manages a set of users, credentials, roles and groups. The master realm is provided as the default realm in Keycloak. Creating multiple realms can enable multi-tenancy.


To enable user registration, go to Realm Settings --> Login --> Enable User Registration




To enable client authentication, go to Clients --> Enable Client Authentication



To apply new themes, copy the custom theme jar file under the providers folder and run the "/bin/kc.sh config" command to configure and install the custom providers.


User Management in Keycloak::-

* Self Registration
* From Admin Console
* User Federation
* Automation via APIs




