Environment variables
Environment variables are used to configure the Keycloak cluster or your custom extensions.
They can be used to adjust the Keycloak settings (see https://www.keycloak.org/server/all-config). Note that some configuration variables are under the responsibility of Cloud-IAM and won't be overridable.
Types of Keycloak variables
We propose two types of variables:
Clear
: the value is displayed in clear in the consoleMasked
: the value is masked and can no longer be read once saved. To make a variable "masked", simply click on the padlock and validate:
The value is then no longer displayed, but you can modify it if you wish to update it.
If you wish to make a masked variable clear again, you can do so by clicking on the open padlock:
WARNING
However, this will reset the current value, so you'll need to enter it again:
Keycloak variables
KC_LOG_LEVEL
This variable can be used to configure the log level of Keycloak. The default value is INFO
.
You can use this value for instance WARN,com.acme.extension:DEBUG
to log at the DEBUG
level for the classes from package com.acme.extension
, and at the WARN
level for everything else.
KC_HTTP_RELATIVE_PATH
Changing the value of variable KC_HTTP_RELATIVE_PATH
will change the url of your deployment. This might impact the availability of your deployment.
The deployment url is generated by this formula: https://deployment.cloud-iam.com${KC_HTTP_RELATIVE_PATH}/admin/master/console/
For backward compatibility between Wildfly and Quarkus, you might need to set this value to /auth
. In this case, all the urls are prefixed with /auth
as before in Wildfly.
Be careful when changing / removing this value, because it affects the login url for your end-users