Keep supports Keycloak in a “managed” way where Keep auto-provisions all resources (realm, client, etc.). Keep can also work with externally managed Keycloak. To learn how, please contact the team on Slack.
This feature is a part of Keep Enterprise. Talk to us to get access: https://www.keephq.dev/meet-keep

Keep integrates with Keycloak to provide a powerful and flexible authentication system for multi-tenant applications, supporting Single Sign-On (SSO) and SAML.

When to Use

  • On Prem: When deploying Keep on-premises and requiring a robust authentication system.
  • OSS: If you prefer using open-source software for your authentication needs.
  • Enterprise Protocols: When you need support for enterprise-level protocols like SAML and OpenID Connect.
  • Fully Customized: When you need a highly customizable authentication solution.
  • RBAC: When you require Role-Based Access Control for managing user permissions.
  • User and Group Management: When you need advanced user and group management capabilities.

Setup Instructions

To start Keep with Keycloak authentication, set the following environment variables:

Frontend Environment Variables

Environment VariableDescriptionRequiredDefault Value
AUTH_TYPESet to ‘KEYCLOAK’ for Keycloak authenticationYes-
KEYCLOAK_IDYour Keycloak client ID (e.g. keep)Yes-
KEYCLOAK_ISSUERFull URL to Your Keycloak issuer URL e.g. http://localhost:8181/auth/realms/keepYes-
KEYCLOAK_SECRETYour Keycloak client secretYeskeep-keycloak-secret

Backend Environment Variables

Environment VariableDescriptionRequiredDefault Value
AUTH_TYPESet to ‘KEYCLOAK’ for Keycloak authenticationYes-
KEYCLOAK_URLFull URL to your Keycloak serverYeshttp://localhost:8181/auth/
KEYCLOAK_REALMYour Keycloak realmYeskeep
KEYCLOAK_CLIENT_IDYour Keycloak client IDYeskeep
KEYCLOAK_CLIENT_SECRETYour Keycloak client secretYeskeep-keycloak-secret
KEYCLOAK_ADMIN_USERAdmin username for KeycloakYeskeep_admin
KEYCLOAK_ADMIN_PASSWORDAdmin password for KeycloakYeskeep_admin
KEYCLOAK_AUDIENCEAudience for KeycloakYesrealm-management

Example configuration

To get a better understanding on how to use Keep together with Keycloak, you can: