SSO with Keycloak
This guide provides step-by-step instructions on how to configure single sign-on (SSO) with Keycloak. You already use Keycloak to conveniently manage permissions to applications. After SSO configuration is complete, you'll also be able to use Keycloak to manage permissions to your Datasources.
Steps
- In your Keycloak admin console, go to the Clients section and click Create to add a client.
- On the Add Client page, enter basic information and then save:
- On the Settings tab, do the following:
- On the Credentials tab, copy the Secret value. You will need this in the next step.
- Next, enter the account details in the strongDM Admin UI. Go to Settings > User Management. In the Single Sign-on section, set the following:
- Provider: Select Keycloak.
- Single sign-on URL: Add your URL (add /auth/realms/<REALM_NAME> to your Keycloak base URL).
- Client ID: Enter your client ID.
- Client Secret: Paste the secret that you copied previously.
- Select your desired general SSO settings and click activate.
- Verify that all users in strongDM exist in Keycloak.
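One way to carry out the final verification step before activating SSO, as an added example that is not part of the original guide or strongDM's own tooling. It assumes accounts are matched on email address, that the strongDM users are available as a plain list of emails, and that the Keycloak users are a JSON array with `username`, `email` and `enabled` fields; all sample data is constructed.

```python
import json

# Constructed sample data (not real accounts).
# Assumption: strongDM users exported as a plain list of email addresses.
STRONGDM_EMAILS = ["alice@example.com", "Bob@Example.com",
                   "carol@example.com", "dave@example.com"]

# Assumption: Keycloak realm users exported as a JSON array of user objects.
KEYCLOAK_USERS_JSON = """
[
  {"username": "alice", "email": "alice@example.com", "enabled": true},
  {"username": "bob",   "email": "bob@example.com",   "enabled": true},
  {"username": "carol", "email": "carol@example.com", "enabled": false},
  {"username": "svc-backup", "enabled": true}
]
"""

def normalize(email):
    """Compare emails case-insensitively and ignore stray whitespace."""
    return email.strip().casefold()

def audit_users(strongdm_emails, keycloak_users):
    """Return (missing, disabled): strongDM emails with no Keycloak account,
    and strongDM emails whose only Keycloak account is disabled."""
    enabled_by_email = {}
    for user in keycloak_users:
        email = user.get("email")
        if not email:
            continue  # accounts without an email cannot be matched
        key = normalize(email)
        # If an email appears more than once, one enabled account is enough.
        is_enabled = bool(user.get("enabled", False))
        enabled_by_email[key] = enabled_by_email.get(key, False) or is_enabled
    missing, disabled = [], []
    for email in strongdm_emails:
        key = normalize(email)
        if key not in enabled_by_email:
            missing.append(email)
        elif not enabled_by_email[key]:
            disabled.append(email)
    return sorted(missing), sorted(disabled)

if __name__ == "__main__":
    users = json.loads(KEYCLOAK_USERS_JSON)
    missing, disabled = audit_users(STRONGDM_EMAILS, users)
    print("Not found in Keycloak:", missing)
    print("Disabled in Keycloak:", disabled)
```

Any address reported in either list would be unable to sign in once SSO is activated, so resolve those accounts in Keycloak first.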
If any errors occur or if the integration fails in any way, please contact support@strongdm.com for assistance.