Keycloak configuration

Configuration in the Keycloak Web Console

Log in to your Keycloak instance with administrator privileges and enter the Administration Console.


Select the realm of the users who should be synchronized and click on Clients in the left-hand navigation bar.
Click on the Create client button in the Clients view to register a new client for the User & Group Sync connector.


Provide a name for the Client ID, make sure that the Client type is OpenID Connect, and click on Next.


In the Capability config tab, enable both the Client authentication and Authorization options, leave the other options as shown in the following screenshot, then click on Next:

capability_conf.png

Keep the settings in the next tab as they are, and click on Save.


The following assignment might not be required when registering a client in the master realm.


Switch to the Service account roles tab and click on the Assign role button.

Select "Filter by clients", search for "manage-users", and press Enter. Choose "realm-management / manage-users" and click on Assign.

The settings should now look like this:

service_accounts_roles.png

Go to the Credentials tab and copy the Client secret. You may regenerate it at any time.
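
To confirm the client works before entering it in the connector, the added example below (not part of the original guide or the product) requests a token with the client-credentials grant and checks that the service account carries realm-management / manage-users and nothing broader. The host, realm and client names are placeholders, the sample token is constructed, and the token path assumes the /auth base URL used on this page.

```python
import base64
import json
import urllib.parse
import urllib.request

def token_endpoint(base_url, realm):
    """Token URL for a Keycloak base URL as entered in the connector (ending in /auth)."""
    realm = urllib.parse.quote(realm, safe="")
    return f"{base_url.rstrip('/')}/realms/{realm}/protocol/openid-connect/token"

def fetch_token(base_url, realm, client_id, secret):
    """Client-credentials grant: authenticates as the client's service account."""
    body = urllib.parse.urlencode({"grant_type": "client_credentials",
                                   "client_id": client_id,
                                   "client_secret": secret}).encode()
    url = token_endpoint(base_url, realm)
    with urllib.request.urlopen(url, data=body, timeout=10) as resp:
        return json.load(resp)["access_token"]

def jwt_claims(token):
    """Decode the JWT payload for inspection only; the signature is NOT verified."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def audit_roles(claims, required="manage-users"):
    """Return (required role present, other realm-management roles to review)."""
    roles = (claims.get("resource_access", {})
                   .get("realm-management", {})
                   .get("roles", []))
    return required in roles, sorted(r for r in roles if r != required)

def sample_token(roles):
    """Constructed, unsigned token so the example runs offline."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    claims = {"azp": "user-sync",  # placeholder client ID
              "resource_access": {"realm-management": {"roles": roles}}}
    return ".".join([enc({"alg": "none"}), enc(claims), ""])

if __name__ == "__main__":
    print(token_endpoint("https://keycloak.example.com/auth", "myrealm"))
    for roles in (["manage-users"], ["manage-users", "realm-admin"], []):
        print(roles, "->", audit_roles(jwt_claims(sample_token(roles))))
    # Against a real instance (placeholder values), read the secret from a
    # secure store rather than the command line or shell history:
    # claims = jwt_claims(fetch_token(base_url, realm, client_id, secret))
```

A result of `(True, [])` means the role assignment matches this guide; any names in the second element are additional realm-management roles on the service account that should be reviewed.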

Configuration in User & Group Sync Configuration page

Navigate to the administration console for Jira, Confluence, or Bitbucket:

Confluence: search for USERS & SECURITY, under which you'll find User & Group Sync
Jira: navigate to the User management tab, in which you'll find User & Group Sync
Bitbucket: navigate to Administration / Accounts, where you'll find User & Group Sync listed

Click on Add Connector and choose Keycloak Connector.

Set a name, enter your Keycloak URL with /auth appended at the end, and provide

  • realm name

  • client-id

  • secret

as per your Keycloak setup earlier. Use the Save and Test Connection button to check if User Sync can connect to Keycloak successfully.

To schedule a periodic synchronization of your Keycloak directory with User & Group Sync, click on Show Advanced Settings at the very bottom of the page.
Enable Scheduled Synchronization needs to be checked; the default cron expression then triggers a sync every day at 2 am.

Click Save and Return to finish the configuration.
