# Keycloak Configuration

This session shows how to register a client on the Keycloak Server. When registering the client, we are getting the following four values that are needed for later configuration in Datawiza Cloud Management Console (DCMC):

Keycloak Server
The Keycloak Server is the Keycloak server address. Notice that we use the IP Address instead of localhost for Keycloak Server while we start DAB with docker. For the author, it is http://172.16.181.1:8080.
Realm Name
Client ID
Client Secret

# Prerequisite

We assume that you already have a Keycloak Server running on http://localhost:8080.

# Add New realm

Create a new realm.
Enter the realm name, which is the Realm Name we need, and click Create.

# Create and Configure your Keycloak Client

Create a Client.
Select Clients tab and click Create:

Enter the client name, which is the Client ID we need, and click Save.
Configure the client.
Select confidential in Access Type:
Open Authorization Enabled and Service Accounts Enabled should be opened automatically:
Enter the Valid Redirect URIs, which should be the address of DAB, e.g., http://localhost:9772/*, then click Save:
Now, the Credentials tab should be shown. Select it and make a copy of Secret as Client Secret:

# Create Groups and Users

Create groups.
Choose Groups and click New:
Enter the group name and click Save:
Create Users.
Choose Users and click Add user:

Enter the basic information and click Save:

Select Credentials tab and enter the password, close the Temporary for test purpose. Click Set Password:
Add Client Roles to get user profile.(Optional).
Select Role Mappings and choose realm-management in Client Roles:

Add view-users:
Assign user to group.
Select Groups tab, choose the group we created and click Join:

# Summary

We have shown how to register a client on Keycloak. Please make sure to save the following four values for later setting in Datawiza Cloud Management Console.

Keycloak Server
Realm Name
Client Id
Client Secret

← G Suite Okta →