English
Go to website
Back
Articles on:
Developers
Documentation for techies. How to use our REST API, how to tweak Keycloak IAM, etc.
API Authentication
Cloud-IAM API is the best way to automate everything. From deployments lifecycle management to keycloak extension uploads! In order to authenticate against Cloud-IAM API, first contact our [support](mailto:sup
Very popular
What plans have script mappers activated?
The script mapper is depending on the javascript upload profile of Keycloak, which is not activated on Cloud-IAM shared instances (Little Lemur) for security reasons. This feature can be activated on demand on any dedicated plan, starting with Roaring Rabbit whatever the region or the cloud provider targeted.
Some readers
Keycloak /metrics endpoint
Cloud-IAM REST API /deployments/{deployment_id}/metrics endpoint yield functional metrics about your Keycloak in OpenMetrics format textual representation that came from Prometheus textual representation. It yields counters regarding various parts of your Keycloak deployment.
Some readers
Terraform providers
Cloud-IAM Keycloak deployments are compatible with Keycloak terraform providers because deployed Keycloaks expose the full Keycloak REST admin API. However currently Cloud-IAM does not provide a terraform provider to create or delete deployments. Please contact our support if you are interested.
Few readers
Metrics are missing for a realm
When creating a new realm in a Keycloak deployment, metrics for this realm are not directly available in Cloud-IAM /metrics REST API endpoint and Cloud-IAM dashboard. In order to let Cloud-IAM know that it musts observe this realm, connect to deployment's Keycloak console, select the realm that must be monitored then go to events then config tab, add metrics-listener in the event listeners section and then don't forget to Save changes. Seconds later, the realm metrics will be available
Few readers
Redirection to a specific Keycloak realm
When browsing a Cloud-IAM Keycloak's deployment (e.g. https://DEPLOYEMENT_NAME.cloud-iam.com/ ) at the root path / the user is redirected to the admin console of the master realm by default. Cloud-IAM customer's might have on of their requirement: Customize the default / redirect behavior Redirect the user to a specific realm's depending on some requirements Setup a static page instead of redirecting the user to the master realm's admin console These kind of features are out of
Few readers
Pulumi Keycloak provider
Cloud-IAM Keycloak deployments are compatible with Keycloak pulumi provider because deployed Keycloaks expose the full Keycloak REST admin API. However currently Cloud-IAM does not provide a terraform provider to create or delete deployments. Please contact our support if you are interested. Troubleshooting Sometimes when adding a new realm pulumi gets a timeout within seconds as api response
Few readers
