Skip to content

Get Start - Deploy Managed Keycloak ​

Introduction ​

At Cloud-IAM, a Deployment is representing (for paying plans only) an autonomous infrastructure running a Keycloak cluster in high availability fashion. The infrastructure is completely isolated from the rest of the other deployments for security reasons.

For Free plan, the deployment is an isolated realm on a shared Keycloak cluster.

The deployments belong to an organization which has a set of members with different roles. The members can interact with the deployment through the Cloud-IAM Console or API depending on their role.

In any case, the user information stored in the cluster are not read / used or processed by Cloud-IAM.

Tailor your Managed Keycloak to perfection using the Cloud-IAM Application's self-service deployment, aligned with your specific technical requirements and desired support level – all accomplished effortlessly within a 20-minute timeframe!⏱️

This documentation page is here to assist and guide you step-by-step through the deployment process until you reach the Keycloak console.

Step 1 - Create an account ​

To create a deployment, you will need to create a Cloud-IAM account and accept the Terms of Service.

Here is the process to create an account.

Step 2 - Create a Deployment ​

Deployment Page - Cloud-IAM App
Deployment Page - Cloud-IAM App

You are now logged into the application, and it's time to deploy your Keycloak. To do so, make sure you are on the "Deployments" page. You can verify this by:

Button create New Deployment - Cloud-IAM App
Button create New Deployment - Cloud-IAM App

Now, click on the [Create New Deployment] button. By clicking this button, you will be redirected to the deployment configuration page.

Step 3 - Configuration deployment page ​

Deployment configuration - Cloud-IAM App
Deployment configuration - Cloud-IAM App

You've now reached the deployment configuration page

Named your deployment ​

Named the Deployment - configuration page
Named the Deployment - configuration page

Start by giving your deployment a name.

INFO

The deployment name is the globally unique identifier for your deployment. It will be used as a sub-domain “https://deployment_name.cloud-iam.com".

/!\ You cannot change the name after the deployment is created. /!\

Choose your plan ​

Choose your plan - configuration page

Choose your plan - configuration page
Choose your plan - configuration page

As you can see, there are several plans available, each with a maximum number of Users and Realms. By selecting one of the icons, you can adjust these limits. We recommend choosing a plan that suits your current needs and natural growth.

Here you will find a table summarizing the features and limits of each plan.

INFO

If, despite your projection of natural growth, you reach the limits of your plan, whether it's the number of Users or Realms, please note that we will not block your deployment. These values should be considered as soft limits. We will contact you and take the time to assess the situation with you to find a solution.

Choose your Cloud Provider and the region ​

Choose your Cloud Provider and the region - Configuration Page
Choose your Cloud Provider and the region - Configuration Page

From the dropdown menu, you can choose your preferred Cloud Provider and the region in which you want to deploy your Keycloak.

The geographical location of your deployment is crucial. We recommend deploying your Keycloak in the region where the majority of your users are located to minimize latency during login.

Here you will find a table summarizing the cloud providers as well as the regions where you can deploy your keycloak.

Choose your Support Level ​

Choose your Support Level - Configuration Page
Choose your Support Level - Configuration Page

You can now choose your level of support from the three available options: Standard, Professional, Expert, by clicking directly on the buttons.

Each support level has specific details regarding the assistance provided (on the Cloud-IAM application, on your Keycloak, and for incidents), access to communication features, SLA (Service Level Agreement), types of communication in case of incidents, and access to a ticket center.

Here you will find a table that lists, point by point, the rights and access you will have at each support level.

INFO

Please note that you can always upgrade your support level. For instance, if initially, your Keycloak is not connected to your application during the migration process, you can later choose a higher support level.

Choose your billing granularity ​

Choose your billing granularity - Configuration Page
Choose your billing granularity - Configuration Page

On this configuration step, you can select the subscription duration you prefer by clicking one of the subscription buttons:

  • Monthly
  • Yearly, with an automatic 10% discount applied, and the savings you'll achieve.

INFO

You can find all the documentation if you wish to change your subscription method here

Subscribe and create deployment ​

Congratulations, you have just configured your deployment. Please take a final moment to ensure that it aligns with your use case.

Then, simply click on the [Subscribe and create deployment] button, you will be then redirected to the payment page.

TIP

If you have selected the free plan Little Lemur, you can proceed directly to step: Step 5 - Confirmation of deployment creation

Step 4 - Payment Page ​

From the "Stripe" payment page, you will find:

  • On the left: the summary of your deployment, its pricing linked to the subscription, VAT corresponding to your country, and the option to enter a promotional code (If you have a discount coupon, you can enter it by clicking on "Add promotion code").

  • On the right: the billing information to be filled in: your name and your location for VAT application. The form varies according to the chosen payment method.

The available payment methods on this page are : Credit Card or SEPA Direct Debit.

INFO

If you encounter any difficulties during the payment process, please don't hesitate to contact our support team.

Credit Card ​

Credit Card - Payment Method
Credit Card - Payment Method

To proceed a payment by credit card, you need to provide:

  • Card number
  • Card expiration date
  • CVV (Card Verification Value)
  • Cardholder's name

SEPA Direct Debit ​

SEPA Direct Debit - Payment Method
SEPA Direct Debit - Payment Method

To proceed a payment by SEPA Direct Debit, you need to provide:

  • IBAN
  • Name

Subscribe ​

To finish the payment, you just need to provide the information if you are making the purchase for a business, and click on "Subscribe" on Stripe. After clicking "Subscribe," you will be redirected to the application.

Step 5 - Confirmation of deployment creation ​

Your deployment is being created - Cloud-IAM App
Your deployment is being created - Cloud-IAM App

🎉 Congratulations, you have just created your Keycloak deployment ! 🎉

This redirection informs you that your deployment is currently being created. From our side, this will trigger the automatic creation of your cluster.

Emails confirmation ​

Confirmation email - From Cloud-IAM
Confirmation email - From Cloud-IAM

You will receive 2 email after the process finalized the cluster setup :

  • One for your payment confirmation from Stripe with the bill.
  • One confirming that your Keycloak is ready to use. If you have associated members with your organization, all the members of the organization will receive the email from Cloud-IAM named : “[Cloud-IAM] deployment your deployment name has been completed 🎉”.

TIP

If you did not receive emails, please double-check your spam folder

Step 6 - Access to keycloak console ​

Your Keycloak deployment is now created, configured according to your needs, and available. Here are the various methods to access it:

Confirmation email ​

Confirmation email - From Cloud-IAM
Confirmation email - From Cloud-IAM

From the confirmation email named: "[Cloud-IAM] deployment your deployment name has been completed 🎉".

Click on the URL displayed after "The deployment base URL is." You will be redirected to your Keycloak deployment.

Deployment list page - Cloud-IAM App ​

Deployment list page - Cloud-IAM App
Deployment list page - Cloud-IAM App

From the Cloud-IAM application, on the deployment page, a new row should have appeared with the name of your deployment, the plan you have chosen, and the number of users and realms you have.

Click on the "Keycloak console" button, and you will be redirected to your Keycloak deployment.

Step 7 - Keycloak First Log-In ​

Fist Log-In ​

Fist Log-In

In the Keycloak console, for your initial login, you must use and complete the credentials provided in the confirmation email named: "[Cloud-IAM] deployment your deployment name has been completed 🎉."

Then click on "Sign In," and you will be logged into your Keycloak deployment !

Welcome Page - Keycloak console
Welcome Page - Keycloak console

Major Kudo, you are now on your Keycloak deployment!

As mentioned in the confirmation email, to secure your admin account, we recommend that you change the admin credentials of your Keycloak.

Change initial admin password from keycloak ​

Access to Manage Account - Keycloak Console
Access to Manage Account - Keycloak Console

To change the initial password for your Keycloak, follow these steps:

  1. Click on "deployment-name Administrator."
  2. Select "Manage Account."

Once you complete these steps, you will be redirected to the "Keycloak account management" page.

Keycloak account management - Keycloak Console
Keycloak account management - Keycloak Console

From the "Keycloak account management" page, click on [Signing In] You will then be redirected to the page with the same name.

Signing In Page - Keycloak Console
Signing In Page - Keycloak Console

On the "Signing In Page," you have the option to:

  • Change your password.
  • Add a second factor of authentication.

We recommend for the admin using a strong password:

  • At least 12 characters.
  • Random (not resembling a common word or proper name).
  • Unique, meaning this password should not be used for any other application.
  • Set Up Authenticator Application

Feel free to take a look at our documentation on this subject.

WARNING

Don't forget to remember and/or save your new password in a password manager.

Step 8 - Use it ! ​

🎉 Congratulations! You've successfully created, configured, and initiated your Keycloak deployment with Cloud-IAM. 🎉

Now that you're up and running, feel free to explore more Keycloak features and advanced configurations. Our comprehensive documentation is at your fingertips for detailed insights.

If you have any questions or need assistance with any step, don't hesitate to reach out. Connect with the Cloud-IAM team through our Contact Us page or leverage Cloud-IAM Support for prompt assistance.

Happy exploring, and thank you for choosing Cloud-IAM for your Identity and Access Management needs!