sajad torkamani

Start Keycloak container

docker run -p 8080:8080 -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin start-dev

This will:

  • Start Keycloak server on http://localhost:8080.
  • Create an initial admin user with username admin and password admin.

Login to the admin console

Go to http://localhost:8080 and login with the credentials from the previous step.

Create a realm

A realm in Keycloak is equivalent to a tenant (what is a tenant?). It lets you create isolated groups of applications and users. By default, there’s a single master realm that’s used to manage Keycloak. It shouldn’t be used for your own applications.

Create your first realm:

  1. Navigate to the Keycloak Admin Console
  2. Hover the mouse over the dropdown in the top-left corner where it says Master, then click on Add realm
  3. Fill in the form with the following values:
    • Name: myrealm
  4. Click Create
Keycloak: create a realm

Create user with credentials

  • Go to Users -> Add User > Fill in details.
  • After creating the user, go to the user’s details and to Credentials tab.
  • Set password and uncheck the Temporary field.

Login to account console

Keycloak account management console

Secure your first app

  1. Open the Keycloak Admin Console
  2. Go to Clients > Create
  3. Fill in the form with the following values:
    1. Client ID: myclient
    2. Client Protocol: openid-connect
    3. Root URL:
  4. Go to and click Save to use the default config.
  5. Click Sign in.
  6. Enter the credentials you created earlier.
Secure app using Keycloak.

Key terms / jargon

RealmIsolated group of applications and users.
ClientAn application that will need to authenticate against Keycloak. This could be a web app, mobile app, a web service, or a command-line script.


Tagged: Keycloak

Leave a comment

Your email address will not be published. Required fields are marked *