Configure Keycloak
This section contains a general instruction of how to configure Keycloak to be used for .NET applications.
Table of Contents:
Create Realm
- Open the Keycloak admin console in your browser. The URL is usually
http://localhost:8080
. - Click on the
Select Realm
dropdown button on the top left corner of the page. - Click on
Add Realm
. - In the
Create Realm
form, enter the name of your realm in theName
field. - Click on
Create
.
You have now created a new realm in Keycloak.
Create User
- In the Keycloak admin console, select your newly created realm.
- In the left-hand menu, click on
Users
. - Click on
Add user
. - In the
Add user
form, fill in the required fields such asUsername
,Email
,FirstName
,LastName
. - Click on
Save
. You have now created a new user in your realm.
Set Password
- After creating a new user, click on the
Credentials
tab. - In the
Password
field, enter the new password. - Confirm the password in the
Password Confirmation
field. - Set the
Temporary
switch toOFF
if you don't want the user to change their password at the next login. - Click on
Set Password
. You have now set a password for the new user in your realm.
Create Client
- In the Keycloak admin console, select your realm.
- In the left-hand menu, click on
Clients
. - Click on
Create
. - In the
Add Client
form, fill in the required fields such asClient ID
,Client Protocol
. - Click on
Save
. You have now created a new client in your realm.
Add Audience Mapper
Client Scopes in Keycloak are used to define a set of permissions that a client has. They are a way to limit the access of a client to certain resources or actions.
Mappers in Keycloak are used to map claims from the token to a user session and user profile. They can be used to add additional information to the token, such as user roles or other attributes.
- In the Keycloak admin console, select your realm.
- In the left-hand menu, click on
Clients
and selected required client. - Navigate to
Client Scopes
- Select
{client_id}-dedicated
, where client_id is the name of your client. - Click on the
Mappers
tab. - Click on
Configure a new mapper
and SelectAudience
- Specify the name of the mapper, e.g.: Audience
- In the
Name
field, enter a name for the mapper. - In the
Included Client Audience
field, enter the client ID of the client you want to include in the audience. - Click on
Save
. You have now added an audience mapper to a client scope in your realm.
Download Adapter Config
- In the Keycloak admin console, select your realm.
- In the left-hand menu, click on
Clients
. - Select the client for which you want to download the adapter config.
- Click on the
Action
dropdown on the top-right corner. - Click on
Download adapter config
. You have now downloaded the adapter config for your client.
Note: Instructions are provided for Keycloak of version 24.0.3