So you are new to Keycloak and you have to get it running quickly. You first have to figure out what it is and then how to use it on your machine. This is my tail of getting to know Keycloak from the local setup aspect.

Go get the download.

Image for post
Image for post

Now, I am working on a MacBook Pro so everything I do in this article will be from that aspect. Once, you get the tar file downloaded simply double click on it and will be extracted for you. It is kind of like magic, but not.

Image for post
Image for post

Now get your terminal window fired up and navigate to the folder that just got extracted. Do an ‘ls’ in the directory and you should have something like this.

Image for post
Image for post

Now to start the Keycloak local server, just enter ‘bin/standalone.sh’

Image for post
Image for post

When it is done you should be able to open a browser and navigate to ‘http://localhost:8080/auth’

Image for post
Image for post

The very first thing you need to do is create your admin user. Since this a local development setup I use the old trusty admin — admin. SO enter username = ‘admin’ and then both password fields = ‘admin’ and you should see a message that the user was created.

Next click the link Administration Console and log in. This will take you to the ‘Master’ realm. You can think of the Master realm as a galaxy and think of Keycloak as the universe it lives in. As a general rule to live by don’t mess with the Master realm.

The first thing we need to do now is add a new realm and call it sample-api.

Image for post
Image for post
Image for post
Image for post

Select ‘Create’ and you should be taken to the sample-api realm settings page.

Image for post
Image for post

Next select ‘Clients’ from the left menu. This is a list of the default clients. Select “Create” from the right side of the grid.

Image for post
Image for post

I just went simple with sample-api for the name and for future use Root URL = ‘http://localhost:5000’. Select ‘create’ and you will be taken to the client settings for sample-api.

Image for post
Image for post

Select ‘save’. Now, select the newly created ‘Credentials’ tab. Remember this spot you will need this code a little bit later.

Image for post
Image for post

Next select the ‘Roles’ tab and then click ‘Add Role’

Image for post
Image for post

Add an ‘admin’ role and repeat the process to add a ‘user’ role.

Image for post
Image for post

Next, select ‘Roles’ from the lefthand menu and then ‘Add Role’

Image for post
Image for post

Add the ‘admin’ role and the ‘user’ role.

Image for post
Image for post

Now from the lefthand menu select ‘Users’ and then ‘Add User’

Image for post
Image for post
Image for post
Image for post

Make sure you flip the ‘Email Verified’ switch and then select ‘Save’. Next select the ‘Role Mappings’ tab. Select ‘sample-api’ from the ‘Client Roles’ dropdown, then add the ‘users’ role to the ‘Assigned Roles’ listbox.

Image for post
Image for post
Image for post
Image for post

Select the ‘Credentials’ tab to set the password for our test users. Make sure to flip the switch ‘Temporary’ and the select ‘Set Password’

Now rinse and repeat and create ‘Api-admin’ user.

Image for post
Image for post
Image for post
Image for post
Image for post
Image for post

Users are setup and roles are mapped. Now select ‘Realm Settings’ from the left menu. Select ‘OpenID Endpoint Configuration’ from the ‘Endpoints’ text boxes. Copy the address for the token endpoint.

Image for post
Image for post

Now open postman and set it to post to the url from above. Enter in the following values for the Body. To get your client secret go back to the Keycloak admin and select ‘Clients’ from the lefthand menu the select ‘sample-api’ from the table. Next, select the ‘Credentials’ tab and copy the ‘Secret’ and put it in postman in the ‘client_secret’ value.

Image for post
Image for post

Once you have entered all the values click ‘Send’. Here is the sticking point if I have written this correctly and you have followed it completely then You should get a response similar to the screen shot below.

Image for post
Image for post

My next post will expand on this with a Node/Typescript API.

Old guy, five kids, one grandkid, two dogs. Loving my life. Doing what I love for a living

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store