Contents x
    Keycloak
    • 3 Minutes to read
    • Dark
      Light
    Contents

    Keycloak

    • 3 Minutes to read
    • Dark
      Light
    Article summary

    Keycloak is an open-source identity and access management (IAM) solution. It provides a robust set of features for user authentication, authorization, and single sign-on (SSO) capabilities, allowing organizations to secure their applications and services by managing user identities, roles, and permissions in a centralized and scalable manner.

    Refer to our website for the list of metrics and attributes available in Dataddo.

    Authorization

    In Keycloak

    To authorize your Keycloak account, you will need your server name, realm name, client ID, and a client secret.

    Obtaining your client secret differs depends on the Keycloak version that you're using. Follow these steps for

    1. Keycloak version before 20
    2. Keycloak version 20 and later

    Keycloak Version before 20


    To get your client secret, you need to make sure your client's access type is confidential and not public.

    1. Go to the Clients section of your realm admin panel.
      (<protocol>://<host>:<port>/auth/admin/master/console/#/realms/<your realm>/clients/<your client code>)
    2. On the Settings tab, change the Access Type to confidential and save.
    3. A new tab called Credentials will show up, click on it.
    4. Make sure the Client Authenticator field is set to Client ID and Secret.
    5. Copy your client secret.

    Refer to Keycloak's official documentation for more information on authorization.

    Keycloak Version 20 and Later

    1. Go to the Clients section of your realm admin panel.
      (<protocol>://<host>:<port>/auth/admin/master/console/#/realms/<your realm>/clients/<your client code>)
    2. Click on Create client.
      1. Enter the client ID (a unique identifier for your client).
      2. On the next page, set the Client authentication option to On and save.
    3. Back on the Clients page, navigate to the Credentials tab.
    4. Make sure the Client Authenticator field is set to Client ID and Secret.
    5. Copy your client secret.

    Refer to Keycloak's official documentation for more information on authorization.

    Client vs Realm

    Realms manage a set of users, credentials, roles, and groups. A user belongs to and logs into a realm. Realms are isolated from one another and can only manage and authenticate the users that they control.

    Clients are entities that can request Keycloak to authenticate a user. Most often, clients are applications and services that want to use Keycloak to secure themselves and provide a single sign-on solution. Clients can also be entities that only want to request identity information or an access token so that they can securely invoke other services on the network that are secured by Keycloak.

    In Dataddo

    1. On the Authorizers page, click on Authorize New Service and select Keycloak.
    2. Fill in the following fields:
      1. Server: Keycloak server name.
      2. Realm Name: Keycloak realm name.
      3. Client ID: Client ID you set in earlier step.
      4. Client Secret: Client secret generated for your client.
    3. Rename your authorizer for easier identification and click on Save.

    How to Create a Keycloak Data Source

    1. On the Sources page, click on the Create Source button and select the connector from the list.
    2. Select your dataset and click on Next to continue.
      DATADDO TIP

      If you are not sure which dataset you need but know the metrics and attributes, use the Search by Name or Attribute function.

      Fixed-schema connector
    3. From the drop-down menu, select your authorizer.
      Didn't find your authorizer?

      Click on Add new Account at the bottom of the drop-down and follow the on-screen prompts. You can also go to the Authorizers tab and click on Add New Service.

    4. Name your data source and select your metrics and attributes. Keep in mind that metrics and attributes depend on the selected dataset.
    5. Configure your sync frequency or the exact synchronization time under Show advanced settings.
      DATADDO TIP

      If you need to load historical data, please refer to the Data Backfilling article.

    6. Preview your data by clicking on the Test Data button in the top right corner. You can adjust the date range for a more specific time frame.
    7. Click on Save and congratulations, your new data source is ready!

    Troubleshooting

    Data Preview Unavailable

    No data preview when you click on Test Data might be caused by an issue with your source configuration. The most common causes are:

    • Date range: Try a smaller date range. You can load the rest of your data afterward via manual data load.
    • Insufficient permissions: Please make sure your authorized account has at least admin-level permissions.

    Related Articles

    Now that you have successfully created a data source, see how you can connect your data to a dashboarding app or a data storage.

    Sending Data to Dashboarding Apps

    Sending Data to Data Storages

    Other Resources

    Was this article helpful?
    What's Next