Cloud-IAM
Go to website
Back
Articles on:Developers
Documentation for techies. How to use our REST API, how to tweak Keycloak IAM, etc.

Categories

  • Getting Started
  • Developers
  • Account
  • Frequently Asked Questions
  • Billing & Pricing
  • Security
  • API Authentication
    Cloud-IAM API is the best way to automate everything. From deployments lifecycle management to keycloak extension uploads!Popular
  • Configure Keycloak remote JWKS support
    The JSON Web Key Set (JWKS) is a set of keys containing the public keys used to verify any JSON Web Token (JWT) issued by the authorization server and signed using the RS256 signing algorithm. When building applications and APIs in Cloud-IAM's keycloak deployments, four algorithms are supported for signing JWTs: RS256, RS384, RS512 and HS256. RS256 generates an asymmetric signature, which means that a private key must be used to sign the JWT and a different public key must be used to verify thePopular
  • Keycloak /metrics endpoint
    Cloud-IAM REST API /deployments/ deploymentid /metrics endpoint yield functional metrics about your Keycloak in OpenMetrics format textual representation that came from Prometheus textual representation. It yields counters regarding various parts of your Keycloak deployment.Popular
  • Terraform providers
    Cloud-IAM Keycloak deployments are compatible with Keycloak terraform providers because deployed Keycloaks expose the full Keycloak REST admin API. However currently Cloud-IAM does not provide a terraform provider to create or delete deployments. Please contact our support if you are interested.Some readers
  • Pulumi Keycloak provider
    Cloud-IAM Keycloak deployments are compatible with Keycloak pulumi provider because deployed Keycloaks expose the full Keycloak REST admin API. However currently Cloud-IAM does not provide a Pulumi provider to create or delete deployments. Please contact our support if you are interested. Troubleshooting Sometimes when adding a neFew readers
  • What plans have script mappers activated?
    The script mapper is depending on the javascript upload profile of Keycloak, which is not activated on Cloud-IAM shared instances (Little Lemur) for security reasons. This feature can be activated on demand on any dedicated plan, starting with Roaring Rabbit whatever the region or the cloud provider targeted.Few readers
  • Do Cloud-IAM deployments expose the full Keycloak REST API?
    Yes, full Keycloak REST API is available on most of Cloud-IAM subscription plans. To ensure reliability, Cloud-IAM protects Keycloak REST API with rate limits and quotas.Few readers
  • Redirection to a specific Keycloak realm
    When browsing a Cloud-IAM Keycloak's deployment (e.g. https://DEPLOYEMENTNAME.cloud-iam.com/ ) at the root path / the user is redirected to the admin console of the master realm by default. Cloud-IAM customer's might have on of their requirement: Customize the default / redirect behavior Redirect the user to a specific realm's depending on some requirements Setup a static page instead of redirecting the user to the master realm's admin console These kind of features are out ofFew readers
  • Metrics are missing for a realm
    When creating a new realm in a Keycloak deployment, metrics for this realm are not directly available in Cloud-IAM /metrics REST API endpoint and Cloud-IAM dashboard. In order to let Cloud-IAM know that it musts observe this realm, connect to deployment's Keycloak console, select the realm that must be monitored then go to events then config tab, add metrics-listener in the event listeners section and then don't forget to Save changes. Seconds later, the realm metrics will be availableFew readers
  • Keycloak TLS configuration
    For security reasons, most the documented Keycloak TLS configuration you may set through environment variables won't have any real impact on your Cloud-IAM deployment. Cloud-IAM load balancers enforce security standards in order to keep you safe. If you need specific customisations, our support team will always be able to answer you.Few readers
  • SSL / TLS protocols supported
    Cloud-IAM only supports TLS protocol v1.2 and v1.3. We don't accept any version of SSL protocol anymore due to previous vulnerabilities.Few readers

Not finding what you are looking for?

Chat with us or send us an email.

  • Chat with us
  • Send us an email
© 2023Cloud-IAMWe run on Crisp Knowledge.