Cloud-IAM
Go to website
Back
Articles on:Getting Started
How to setup Keycloak IAM on your website & apps.

Categories

  • Getting Started
  • Developers
  • Account
  • Frequently Asked Questions
  • Billing & Pricing
  • Security
  • Custom extensions (jar)
    Keycloak is designed to cover most use-cases without requiring custom code, but we also want it to be customizable. To achieve this Keycloak has a number of Service Provider Interfaces (SPI) for which you can implement your own providers. Custom providers play a key role in Keycloak's architecture. For every major functionality, like the login flow, authentication, authorization, there's a corresponding Service Provider Interface. This approach allows us to plug custom implementations for aPopular
  • Personalize Your Login Interface and Branding (custom theme)
    The whole authentication and registration experience along with the email sent can be customized in Keycloak through a custom extension. Examples are available on official keycloak source base or on our github. Getting started Let me help you step by step: 👥 First clone this example repository (https://github.com/clouPopular
  • Custom Domains
    Domain customization allows you to use your domain instead of redirecting your consumers to the Cloud-IAM domain. It will help you maintain consistency and give a frictionless experience to your consumers. In this article, we will assume that the domain my-custom.domain.tld will serve requests from the deployment deployment.cloud-iam.com. Custom domain (https://storage.crisPopular
  • Environment variables
    Cloud IAM dashboard and API can now be used to define environment variables that will be injected in your Keycloak deployment’s environment. Any uploaded custom Keycloak extensions can access these environment variables for configuration purposes. Every time environment variables are changed, Cloud-IAM will trigger a zero-downtime redeployment of the corresponding Keycloak cluster. Example of environment variables (https://storage.crisp.chat/users/helpdesk/website/847968654e020800/imagegwSome readers
  • Keycloak data export
    Cloud-IAM has the ability to export the entire Keycloak database. This can be especially useful if you want to migrate your whole Keycloak database from one environment to another. Export is available through Cloud-IAM dashboard and Cloud-IAM API and return a single zip file. At Cloud-IAM we aim to always give our customers full control over their data. We will never be a company thFew readers
  • Keycloak logs
    What would be a managed service without real-time logs? Cloud-IAM dashboard displays real-time logs for every dedicated deployments (starting from Roaring Rabbit plan). Logs access are the best way to understand what is going on with your deployment and how your custom extensions are doing. Keycloak real-time logs Logs ingestion Keycloak cluster logs can be integrated into cuFew readers
  • Deployment configuration
    Once deployed, your Keycloak deployment can be configured via the dashboard or through the API. Configure environment variables Add custom extensions (jar) Configure allowlistsFew readers
  • Activate Keycloak feature profiles
    The feature profiles in Keycloak can easily be enabled through the Cloud-IAM Console. Once checked, the feature profile will be enabled across your deployment in minutes. To configure other profiles not listed in the configuration panel, please contact the support.Few readers
  • IPs allowlists
    IPs allowlist for the login and admin urls of Keycloak deployments can be configured through the Cloud IAM dashboard and API. Cloud-IAM has two types of IPs alllowlist OpenID APIs endpoints: these urls are related with the end-user (Cloud-IAM customer's own customers) endpoints for login, sign up, forgot password and the underneath REST APIs required to get authenticated and generate JWT access tokens Keycloak REST Admin endpoints: these urls are related with the Keycloak administration conFew readers
  • Use a reverse-proxy in front of a Cloud-IAM's Keycloak deployment
    In some cases, the requirement to filter, redirect or customize some requests to Keycloak requires the customer to pass every requests through an active server (e.g. Nginx, Traefik, Envoy, Kong, Gravitee, ...) that acts as a reverse proxy. In this article, we will assume that the domain my-custom.domain.tld will serve requests from the deployment deployment.cloud-iam.com. Reverse proxyFew readers
  • Use a CDN in front of a Cloud-IAM's Keycloak deployment
    A CDN (like Cloudflare, AWS Cloudfront, ...) is a reverse proxy at scale with additional features such as intelligent filtering, caching, routing, ... This implies that the end-user requests are not directly routed to the Cloud-IAM cluster, but an additional server (company) interacts before proxying them to the cluster. In this article, we will assume that the domain my-custom.domain.tld will serve requeFew readers
  • How to impersonate (a user with specific rights that connect as another user)
    Keycloak offers out of the box support for impersonation. Cloud-IAM support team can help set impersonation if the customer has issue with the official documentation.Few readers
  • Can realms be organized in a hierarchy (realm in a realm)
    There is no realm hierarchy as they all stand at the same level with a strong isolation. If hierarchy is a requirement then leverage "groups" instead.Few readers
  • Deployment lifecycle
    The deployment is automatically managed by Cloud-IAM and its status is reflected in the Cloud-IAM Console. When the deployment is in a normal state, it is marked as RUNNING. Through the API or the Console, the customer can interact with the deployment. Some actions such as managing custom extensions, setting environnement variables, ... require to restart the Keycloak cluster. This is smoothly done through a rolling upgrade over all the nodes of the cluster. During this period, the deploymFew readers
  • Deployment Audit
    Cloud-AIM services write audit logs that record administrative activities and accesses within your Cloud-IAM resources. Audit logs help you answer "who did what, where, and when?" within your Cloud-IAM deployment with the same level of transparency as in on-premises environments. Audit logs helps your security, auditing, and compliance entities monitor Cloud-IAM data and systems for possible vulnerabilities or external data misuse.Few readers
  • Delete a deployment
    How to delete a deployment ? In the Cloud-IAM dashboard, navigate to the "Deployments" tab. Choose the deployment to delete. In the "Information" tab of the selected deployment, go to the bottom right of the page and click on "Delete". A dialogue box will appear to confirm the deletion of the deployment. Simply enter the name of the deployment and click on "Delete" to confirm the deletion. After a few seconds, you will be redirected to the deployments tab. The deleted deploymentFew readers

Not finding what you are looking for?

Chat with us or send us an email.

  • Chat with us
  • Send us an email
© 2023Cloud-IAMWe run on Crisp Knowledge.