keycloak-scim/js/apps/keycloak-server/README.md
Erik Jan de Wit e8d8de8936
Use feature versions for admin3, account3, and login2 (#33458)
Closes #33405

Signed-off-by: stianst <stianst@gmail.com>
2024-10-03 12:09:36 +02:00

2.2 KiB

Keycloak Server

This app allows you to run a local development version of the Keycloak server.

Running the Keycloak server

First, ensure that all dependencies are installed locally using PNPM by running:

pnpm install

After the dependencies are installed we can start the Keycloak server by running the following command:

pnpm start

If you want to run the server against a local development Vite server, you'll have to pass the --admin-dev or --account-dev flag:

pnpm start --admin-dev
pnpm start --account-dev

The above commands will download the Nightly version of the Keycloak server and run it locally on port 8080. If a previously downloaded version was found in the server/ directory then that one will be used instead. If you want to download the latest Nightly version you can remove the server directory before running the command to start the server:

pnpm delete-server

Or if you just want to clear the data so you can start fresh without downloading the server again:

pnpm delete-data

If you want to run with a local Quarkus distribution of Keycloak for development purposes, you can do so by running this command instead:

pnpm start --local

If you want to run Keycloak standalone (without the script) against the Vite development server, you can set the following environment variables to achieve the same result:

KC_ACCOUNT_VITE_URL=http://localhost:5173
KC_ADMIN_VITE_URL=http://localhost:5174
KC_FEATURES=login:v2,account:v3,admin-fine-grained-authz,transient-users,oid4vc-vci

All other arguments will be passed through to the underlying Keycloak server.

In order for the development version of the Admin UI to work you will have to import a custom client to the Keycloak server. This is only required during development as the development server for the Admin UI runs on a different port. This client will be imported automatically under the name security-admin-console-v2 when the Keycloak server starts.

This client only allows redirects from/to "localhost:8080" so be sure either modify the client json in ./scripts or only attempt to authenticate and redirect from that address