Get Start - Deploy Managed Keycloak
At Cloud-IAM, a Deployment is representing (for paying plans only) an autonomous infrastructure running a Keycloak cluster in high availability fashion. The infrastructure is completely isolated from the rest of the other deployments for security reasons.
For Free plan, the deployment is an isolated realm on a shared Keycloak cluster.
The deployments belong to an organization which has a set of members with different roles. The members can interact with the deployment through the Cloud-IAM Console or API depending on their role.
In any case, the user information stored in the cluster are not read / used or processed by Cloud-IAM.
Tailor your Managed Keycloak to perfection using the Cloud-IAM Application's self-service deployment, aligned with your specific technical requirements and desired support level – all accomplished effortlessly within a 20-minute timeframe!⏱️
This documentation page is here to assist and guide you step-by-step through the deployment process until you reach the Keycloak console.
Step 1 - Create an account
To create a deployment, you will need to create a Cloud-IAM account and accept the Terms of Service.
Here is the process to create an account.
Step 2 - Create a Deployment
You are now logged into the application, and it's time to deploy your Keycloak. To do so, make sure you are on the "Deployments" page. You can verify this by:
- The deployment category is underlined.
- The URL is as follows: https://app.cloud-iam.com/deployments?
Now, click on the [Create New Deployment] button. By clicking this button, you will be redirected to the deployment configuration page.
Step 3 - Configuration deployment page
You've now reached the deployment configuration page
Named your deployment
Start by giving your deployment a name.
The deployment name is the globally unique identifier for your deployment. It will be used as a sub-domain “https://deployment_name.cloud-iam.com".
/!\ You cannot change the name after the deployment is created. /!\
Choose your plan
Choose your plan - configuration page
As you can see, there are several plans available, each with a maximum number of Users and Realms. By selecting one of the icons, you can adjust these limits. We recommend choosing a plan that suits your current needs and natural growth.
Here you will find a table summarizing the features and limits of each plan.
If, despite your projection of natural growth, you reach the limits of your plan, whether it's the number of Users or Realms, please note that we will not block your deployment. These values should be considered as soft limits. We will contact you and take the time to assess the situation with you to find a solution.
Choose your Cloud Provider and the region
From the dropdown menu, you can choose your preferred Cloud Provider and the region in which you want to deploy your Keycloak.
The geographical location of your deployment is crucial. We recommend deploying your Keycloak in the region where the majority of your users are located to minimize latency during login.
Here you will find a table summarizing the cloud providers as well as the regions where you can deploy your keycloak.
Choose your Support Level
You can now choose your level of support from the three available options: Standard, Professional, Expert, by clicking directly on the buttons.
Each support level has specific details regarding the assistance provided (on the Cloud-IAM application, on your Keycloak, and for incidents), access to communication features, SLA (Service Level Agreement), types of communication in case of incidents, and access to a ticket center.
Here you will find a table that lists, point by point, the rights and access you will have at each support level.
Please note that you can always upgrade your support level. For instance, if initially, your Keycloak is not connected to your application during the migration process, you can later choose a higher support level.
Choose your billing granularity
On this configuration step, you can select the subscription duration you prefer by clicking one of the subscription buttons:
- Yearly, with an automatic 10% discount applied, and the savings you'll achieve.
You can find all the documentation if you wish to change your subscription method here
Subscribe and create deployment
Congratulations, you have just configured your deployment. Please take a final moment to ensure that it aligns with your use case.
Then, simply click on the [Subscribe and create deployment] button, you will be then redirected to the payment page.
If you have selected the free plan Little Lemur, you can proceed directly to step: Step 5 - Confirmation of deployment creation
Step 4 - Payment Page
From the "Stripe" payment page, you will find:
On the left: the summary of your deployment, its pricing linked to the subscription, VAT corresponding to your country, and the option to enter a promotional code (If you have a discount coupon, you can enter it by clicking on "Add promotion code").
On the right: the billing information to be filled in: your name and your location for VAT application. The form varies according to the chosen payment method.
The available payment methods on this page are : Credit Card or SEPA Direct Debit.
If you encounter any difficulties during the payment process, please don't hesitate to contact our support team.
To proceed a payment by credit card, you need to provide:
- Card number
- Card expiration date
- CVV (Card Verification Value)
- Cardholder's name
SEPA Direct Debit
To proceed a payment by SEPA Direct Debit, you need to provide:
To finish the payment, you just need to provide the information if you are making the purchase for a business, and click on "Subscribe" on Stripe. After clicking "Subscribe," you will be redirected to the application.
Step 5 - Confirmation of deployment creation
🎉 Congratulations, you have just created your Keycloak deployment ! 🎉
This redirection informs you that your deployment is currently being created. From our side, this will trigger the automatic creation of your cluster.
You will receive 2 email after the process finalized the cluster setup :
- One for your payment confirmation from Stripe with the bill.
- One confirming that your Keycloak is ready to use. If you have associated members with your organization, all the members of the organization will receive the email from Cloud-IAM named : “[Cloud-IAM] deployment your deployment name has been completed 🎉”.
If you did not receive emails, please double-check your spam folder
Step 6 - Access to keycloak console
Your Keycloak deployment is now created, configured according to your needs, and available. Here are the various methods to access it:
From the confirmation email named: "[Cloud-IAM] deployment your deployment name has been completed 🎉".
Click on the URL displayed after "The deployment base URL is." You will be redirected to your Keycloak deployment.
Deployment list page - Cloud-IAM App
From the Cloud-IAM application, on the deployment page, a new row should have appeared with the name of your deployment, the plan you have chosen, and the number of users and realms you have.
Click on the "Keycloak console" button, and you will be redirected to your Keycloak deployment.
Step 7 - Keycloak First Log-In
In the Keycloak console, for your initial login, you must use and complete the credentials provided in the confirmation email named: "[Cloud-IAM] deployment your deployment name has been completed 🎉."
Then click on "Sign In," and you will be logged into your Keycloak deployment !
Major Kudo, you are now on your Keycloak deployment!
As mentioned in the confirmation email, to secure your admin account, we recommend that you change the admin credentials of your Keycloak.
Change initial admin password from keycloak
To change the initial password for your Keycloak, follow these steps:
- Click on "deployment-name Administrator."
- Select "Manage Account."
Once you complete these steps, you will be redirected to the "Keycloak account management" page.
From the "Keycloak account management" page, click on [Signing In] You will then be redirected to the page with the same name.
On the "Signing In Page," you have the option to:
- Change your password.
- Add a second factor of authentication.
We recommend for the admin using a strong password:
- At least 12 characters.
- Random (not resembling a common word or proper name).
- Unique, meaning this password should not be used for any other application.
- Set Up Authenticator Application
Feel free to take a look at our documentation on this subject.
Don't forget to remember and/or save your new password in a password manager.
Step 8 - Use it !
🎉 Congratulations! You've successfully created, configured, and initiated your Keycloak deployment with Cloud-IAM. 🎉
Now that you're up and running, feel free to explore more Keycloak features and advanced configurations. Our comprehensive documentation is at your fingertips for detailed insights.
If you have any questions or need assistance with any step, don't hesitate to reach out. Connect with the Cloud-IAM team through our Contact Us page or leverage Cloud-IAM Support for prompt assistance.
Happy exploring, and thank you for choosing Cloud-IAM for your Identity and Access Management needs!