2019-12-03 10:22:58 +00:00
2020-05-09 01:16:38 +00:00
[[_client-cr]]
=== Creating a client custom resource
2019-12-03 10:22:58 +00:00
2020-05-09 01:16:38 +00:00
You can use the Operator to create clients in {project_name} as defined by a custom resource. You define the properties of the realm in a YAML file.
2019-12-03 10:22:58 +00:00
2020-05-09 01:16:38 +00:00
[NOTE]
====
You can update the YAML file and changes appear in the {project_name} admin console, however changes to the admin console do not update the custom resource.
====
.Example YAML file for a Client custom resource
2019-12-03 10:22:58 +00:00
```yaml
apiVersion: keycloak.org/v1alpha1
kind: KeycloakClient
metadata:
2020-05-09 01:16:38 +00:00
name: example-client
2019-12-03 10:22:58 +00:00
labels:
2020-06-08 21:53:30 +00:00
ifeval::[{project_community}==true]
app: app=example-keycloak
endif::[]
ifeval::[{project_product}==true]
2019-12-03 10:22:58 +00:00
app: sso
2020-06-08 21:53:30 +00:00
endif::[]
2019-12-03 10:22:58 +00:00
spec:
realmSelector:
matchLabels:
2020-05-09 01:16:38 +00:00
app: <matching labels for KeycloakRealm custom resource>
2019-12-03 10:22:58 +00:00
client:
# auto-generated if not supplied
#id: 123
clientId: client-secret
secret: client-secret
# ...
# other properties of Keycloak Client
```
2020-05-09 01:16:38 +00:00
.Prerequisites
* You have a YAML file for this custom resource.
* You have cluster-admin permission or an equivalent level of permissions granted by an administrator.
.Procedure
. Use this command on the YAML file that you created: `{create_cmd} -f <client-name>.yaml`. For example:
+
[source,bash,subs=+attributes]
----
$ {create_cmd} -f initial_client.yaml
keycloak.keycloak.org/example-client created
----
. Log into the {project_name} admin console for the related instance of {project_name}.
2019-12-03 10:22:58 +00:00
2020-05-09 01:16:38 +00:00
. Click Clients.
+
The new client appears in the list of clients.
+
image:images/clients.png[]
2019-12-03 10:22:58 +00:00
2020-05-09 01:16:38 +00:00
.Results
After a client is created, the Operator creates a Secret containing the `Client ID` and the client's secret using the following naming pattern: `keycloak-client-secret-<custom resource name>`. For example:
2019-12-03 10:22:58 +00:00
2020-05-09 01:16:38 +00:00
.Client's Secret
```yaml
apiVersion: v1
data:
CLIENT_ID: <base64 encoded Client ID>
CLIENT_SECRET: <base64 encoded Client Secret>
kind: Secret
```
After the Operator processes the custom resource, view the status with this command:
[source,bash,subs=+attributes]
----
2020-06-08 21:53:30 +00:00
$ {create_cmd_brief} describe keycloak <CR-name>
2020-05-09 01:16:38 +00:00
----
.Client custom resource Status
2019-12-03 10:22:58 +00:00
```yaml
Name: client-secret
Namespace: keycloak
2020-06-08 21:53:30 +00:00
ifeval::[{project_community}==true]
Labels: app=example-keycloak
endif::[]
ifeval::[{project_product}==true]
2019-12-03 10:22:58 +00:00
Labels: app=sso
2020-06-08 21:53:30 +00:00
endif::[]
2019-12-03 10:22:58 +00:00
API Version: keycloak.org/v1alpha1
Kind: KeycloakClient
Spec:
Client:
Client Authenticator Type: client-secret
Client Id: client-secret
Id: keycloak-client-secret
Realm Selector:
Match Labels:
2020-06-08 21:53:30 +00:00
ifeval::[{project_community}==true]
App: keycloak
endif::[]
ifeval::[{project_product}==true]
2019-12-03 10:22:58 +00:00
App: sso
2020-06-08 21:53:30 +00:00
endif::[]
2019-12-03 10:22:58 +00:00
Status:
Message:
Phase: reconciling
Ready: true
Secondary Resources:
Secret:
keycloak-client-secret-client-secret
Events: <none>
```
2020-05-09 01:16:38 +00:00
.Additional resources
2019-12-03 10:22:58 +00:00
2020-05-09 01:16:38 +00:00
* When the client creation completes, you are ready to xref:_user-cr[create a user custom resource].
