Setup keycloak sercurity for spring boot application

Setup Realm and clients in keycloak

This blog is the second part of the series of security spring boot application with keycloak. In first part we install setup in keycloak with docker you can see first part here

Version:

  • Keycloak: 4.5.0.Final
  • Pre-requisites
  • Keycloak should be installed in the

Create realm A realm secures and manages security metadata for a set of users, applications, and registered oauth clients. Users can be created within a specific realm within the Administration console. Click on Add realm button

image

Input the realm name

image

Once realm created you will see this screen

image

Create Client We need 2 clients one is for bearer-only client for the application, and another one is public client to get the access token

image

Create Public client

image

Once public client is created you will see the below screen

Create Bearer only client and set the access type to beare-only

image

Add new Admin role for the application client

image

Create Admin Client

image

Create User Client

image

Create User for the application Create two user with role admin with and user.

image

Create admin user

image

Set password

image

Assign admin role to user vik-admin

image

Similarly create another user account vik-user with user role

image

image

Get access and refresh token

User below curl to get the access token

Response

image

In the next blog we will se how to secure spring boot application. You can see the blog here.