keycloak-scim/server_admin/topics/initialization.adoc


[id="creating-first-admin_{context}"]
== Creating the first administrator

After installing {project_name}, you need an administrator account that can act as a _super_ admin with full permissions to manage all parts of {project_name}. With this account, you can log into the {project_name} Admin Console where you create realms and users and register applications that are secured by {project_name}. 

.Prerequisites

* Perform the installation and configuration tasks defined in the link:{installguide_link}[{installguide_name}] to the point that the {project_name} server is running.

=== Creating the account on the local host

If your server is accessible from `localhost`, perform these steps.

.Procedure

. In a web browser, go to the http://localhost:8080{kc_base_path} URL.

. Supply a username and password that you can recall.
+
.Welcome page
image:{project_images}/initial-welcome-page.png[Welcome Page]

=== Creating the account remotely

ifeval::["{kc_dist}" == "quarkus"]
If you cannot access the server from a `localhost` address, or just want to start {project_name} from the command line, use the `KEYCLOAK_ADMIN` and `KEYCLOAK_ADMIN_PASSWORD` environment variables to create an initial admin account.

For example:
[source,bash]
----
export KEYCLOAK_ADMIN=<username>
export KEYCLOAK_ADMIN_PASSWORD=<password>

bin/kc.[sh|bat] start
----
endif::[]

ifeval::["{kc_dist}" == "wildfly"]
If you cannot access the server from a `localhost` address, or just want to start {project_name} from the command line, use the `.../bin/add-user-keycloak` script.

.Add-user-keycloak script
image:{project_images}/add-user-script.png[]

The parameters are a little different depending if you are using the standalone operation mode or domain operation mode.  For standalone mode, here is how you use the script.

.Linux/Unix
[source]
----
$ .../bin/add-user-keycloak.sh -r master -u <username> -p <password>
----

.Windows
[source]
----
> ...\bin\add-user-keycloak.bat -r master -u <username> -p <password>
----

For domain mode, you have to point the script to one of your server hosts using the `-sc` switch.

.Linux/Unix
[source]
----
$ .../bin/add-user-keycloak.sh --sc domain/servers/server-one/configuration -r master -u <username> -p <password>
----

.Windows
[source]
----
> ...\bin\add-user-keycloak.bat --sc domain/servers/server-one/configuration -r master -u <username> -p <password>
----
endif::[]
initialization 2016-05-13 01:04:47 +00:00
Converting Admin Console to Configuring Realms chapter including Realm Keys from Authentication chapter 2021-02-16 22:13:57 +00:00			`[id="creating-first-admin_{context}"]`
Rework server initialization chapter * KEYCLOAK-15941 Initial Rewording * Post feedback wording changes 2021-02-11 20:58:10 +00:00			`== Creating the first administrator`
initialization 2016-05-13 01:04:47 +00:00
Update initialization.adoc (#1423) fixed typo 2022-04-19 07:57:24 +00:00			`After installing {project_name}, you need an administrator account that can act as a _super_ admin with full permissions to manage all parts of {project_name}. With this account, you can log into the {project_name} Admin Console where you create realms and users and register applications that are secured by {project_name}.`
initialization 2016-05-13 01:04:47 +00:00
Rework server initialization chapter * KEYCLOAK-15941 Initial Rewording * Post feedback wording changes 2021-02-11 20:58:10 +00:00			`.Prerequisites`
initialization 2016-05-13 01:04:47 +00:00
Rework server initialization chapter * KEYCLOAK-15941 Initial Rewording * Post feedback wording changes 2021-02-11 20:58:10 +00:00			`* Perform the installation and configuration tasks defined in the link:{installguide_link}[{installguide_name}] to the point that the {project_name} server is running.`

			`=== Creating the account on the local host`

			If your server is accessible from `localhost`, perform these steps.

			`.Procedure`

Update documentation for Quarkus distribution (#1385) 2022-02-08 13:07:16 +00:00			`. In a web browser, go to the http://localhost:8080{kc_base_path} URL.`
Rework server initialization chapter * KEYCLOAK-15941 Initial Rewording * Post feedback wording changes 2021-02-11 20:58:10 +00:00
			`. Supply a username and password that you can recall.`
			`+`
admin-reuse -- Found one more Data Grid link to fix based on a separate PR. 2021-06-17 14:39:30 +00:00			`.Welcome page`
Rework server initialization chapter * KEYCLOAK-15941 Initial Rewording * Post feedback wording changes 2021-02-11 20:58:10 +00:00			`image:{project_images}/initial-welcome-page.png[Welcome Page]`
initialization 2016-05-13 01:04:47 +00:00
Rework server initialization chapter * KEYCLOAK-15941 Initial Rewording * Post feedback wording changes 2021-02-11 20:58:10 +00:00			`=== Creating the account remotely`
initialization 2016-05-13 01:04:47 +00:00
Update documentation for Quarkus distribution (#1385) 2022-02-08 13:07:16 +00:00			`ifeval::["{kc_dist}" == "quarkus"]`
			If you cannot access the server from a `localhost` address, or just want to start {project_name} from the command line, use the `KEYCLOAK_ADMIN` and `KEYCLOAK_ADMIN_PASSWORD` environment variables to create an initial admin account.

			`For example:`
			`[source,bash]`
			`----`
			`export KEYCLOAK_ADMIN=<username>`
			`export KEYCLOAK_ADMIN_PASSWORD=<password>`

			`bin/kc.[sh\|bat] start`
			`----`
			`endif::[]`

			`ifeval::["{kc_dist}" == "wildfly"]`
Rework server initialization chapter * KEYCLOAK-15941 Initial Rewording * Post feedback wording changes 2021-02-11 20:58:10 +00:00			If you cannot access the server from a `localhost` address, or just want to start {project_name} from the command line, use the `.../bin/add-user-keycloak` script.
initialization 2016-05-13 01:04:47 +00:00
admin-reuse -- Found one more Data Grid link to fix based on a separate PR. 2021-06-17 14:39:30 +00:00			`.Add-user-keycloak script`
Convert documentation to AsciiDoctor 2017-08-28 12:50:14 +00:00			`image:{project_images}/add-user-script.png[]`
initialization chapter 2016-05-13 13:39:56 +00:00
Rework server initialization chapter * KEYCLOAK-15941 Initial Rewording * Post feedback wording changes 2021-02-11 20:58:10 +00:00			`The parameters are a little different depending if you are using the standalone operation mode or domain operation mode. For standalone mode, here is how you use the script.`
initialization chapter 2016-05-13 13:39:56 +00:00
			`.Linux/Unix`
			`[source]`
			`----`
			`$ .../bin/add-user-keycloak.sh -r master -u <username> -p <password>`
			`----`

			`.Windows`
			`[source]`
			`----`
			`> ...\bin\add-user-keycloak.bat -r master -u <username> -p <password>`
			`----`

			For domain mode, you have to point the script to one of your server hosts using the `-sc` switch.

			`.Linux/Unix`
			`[source]`
			`----`
			`$ .../bin/add-user-keycloak.sh --sc domain/servers/server-one/configuration -r master -u <username> -p <password>`
			`----`

			`.Windows`
			`[source]`
			`----`
			`> ...\bin\add-user-keycloak.bat --sc domain/servers/server-one/configuration -r master -u <username> -p <password>`
			`----`
Update documentation for Quarkus distribution (#1385) 2022-02-08 13:07:16 +00:00			`endif::[]`
initialization 2016-05-13 01:04:47 +00:00