closes keycloak#17727 Signed-off-by: Christian Janker <christian.janker@gmx.at>
2.2 KiB
Keycloak Server
This app allows you to run a local development version of the Keycloak server.
Running the Keycloak server
First, ensure that all dependencies are installed locally using PNPM by running:
pnpm install
After the dependencies are installed we can start the Keycloak server by running the following command:
pnpm start
If you want to run the server against a local development Vite server, you'll have to pass the --admin-dev
or --account-dev
flag:
pnpm start --admin-dev
pnpm start --account-dev
The above commands will download the Nightly version of the Keycloak server and run it locally on port 8080
. If a previously downloaded version was found in the server/
directory then that one will be used instead. If you want to download the latest Nightly version you can remove the server directory before running the command to start the server:
pnpm delete-server
Or if you just want to clear the data so you can start fresh without downloading the server again:
pnpm delete-data
If you want to run with a local Quarkus distribution of Keycloak for development purposes, you can do so by running this command instead:
pnpm start --local
If you want to run Keycloak standalone (without the script) against the Vite development server, you can set the following environment variables to achieve the same result:
KC_ACCOUNT_VITE_URL=http://localhost:5173
KC_ADMIN_VITE_URL=http://localhost:5174
KC_FEATURES=login:v2,account:v3,admin-fine-grained-authz,transient-users,oid4vc-vci
All other arguments will be passed through to the underlying Keycloak server.
In order for the development version of the Admin UI to work you will have to import a custom client to the Keycloak server. This is only required during development as the development server for the Admin UI runs on a different port. This client will be imported automatically under the name security-admin-console-v2
when the Keycloak server starts.
This client only allows redirects from/to "localhost:8080" so be sure either modify the client json in ./scripts
or only attempt to authenticate and redirect from that address