Keycloak Integration

Noga Tubi

Overview

Torii integrates with Keycloak and syncs users, licenses, and apps discovered by signing in through Keycloak.

Prerequisites

To integrate with Torii, you will need to provide the following: Host name, Port, Realm, Username, Password, and Client ID.
Follow the instructions below to obtain them.

  1. From your Keycloak admin console, select the realm environment you want to sync
  2. From the "Clients" tab, select the client you want to be associated with Torii, or create a new Client 
  3. Make sure that the Direct access grant is checked 
  4. Create an admin user 
  5. Give your user a Username
  6. Enter the user's Email. Entering an email is not mandatory in Keycloak, but it helps Torii recognize the user
  7. Once you click on "Create," the "User details" window will open 
    Go to the Credentials tab and click on Set Password
  8. Set a password
  9. We highly recommend disabling the "Temporary" toggle so the password is not set as temporary
    Click Save
  10. Go to the Role mapping tab
  11. Click on Assign role
  12. Go to the filter and select Filter by clients 
  13. In the search field, write "admin"
  14. Select "realm-admin" on "Realm-management" and click "Assign"
  15. The role was added
  16. To view the application's logins via Keycloak, go to Realm settings >> Events >> User events settings tab, and ensure the "Save events" toggle is enabled
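
The prerequisites above can be checked before connecting. This is an added example, not Torii's or Keycloak's own code: it builds the direct access grant request and evaluates the token response and the realm's events configuration; the function names and sample values are hypothetical, and the URL assumes HTTPS with no "/auth" path prefix.

```python
import base64, json
from urllib.parse import urlencode

def token_request(host, port, realm, client_id, username, password):
    """Direct access grant (OAuth 2.0 password grant) request for the Torii user."""
    # Assumption: HTTPS and no "/auth" path prefix (older Keycloak releases add one).
    url = f"https://{host}:{port}/realms/{realm}/protocol/openid-connect/token"
    form = {"grant_type": "password", "client_id": client_id,
            "username": username, "password": password}
    return url, urlencode(form)

def jwt_claims(token):
    """Decode a JWT payload for inspection only; the signature is not verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    return json.loads(base64.urlsafe_b64decode(parts[1] + "=" * (-len(parts[1]) % 4)))

def has_realm_admin(claims):
    # Client roles appear under resource_access when the client's scope exposes them
    # (assumption: the client keeps Keycloak's default "Full scope allowed").
    access = claims.get("resource_access", {})
    return "realm-admin" in access.get("realm-management", {}).get("roles", [])

# Standard OAuth 2.0 error codes mapped to the step most likely to need attention.
HINTS = {"unauthorized_client": "enable Direct access grant on the client (step 3)",
         "invalid_grant": "check the username and password, and that the password is not temporary (steps 5-9)"}

def check_prerequisites(token_response, events_config):
    """Return a list of problems; an empty list means the prerequisites are met."""
    problems = []
    if "access_token" not in token_response:
        error = token_response.get("error", "unknown")
        problems.append(f"token request failed ({error}): {HINTS.get(error, 'see the server log')}")
    elif not has_realm_admin(jwt_claims(token_response["access_token"])):
        problems.append("user lacks realm-admin on realm-management (steps 10-14)")
    # events_config: JSON from GET /admin/realms/{realm}/events/config
    if not events_config.get("eventsEnabled", False):
        problems.append('"Save events" is disabled (step 16)')
    return problems

def sample_token(claims):
    """Constructed, unsigned token used only to exercise the checks offline."""
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).decode().rstrip("=")
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"

if __name__ == "__main__":
    print(token_request("keycloak.example.com", 8443, "demo", "torii", "torii-sync", "placeholder")[0])
    ok = {"access_token": sample_token({"resource_access": {"realm-management": {"roles": ["realm-admin"]}}})}
    print(check_prerequisites(ok, {"eventsEnabled": True}))
    print(check_prerequisites({"error": "unauthorized_client"}, {"eventsEnabled": False}))
```

The realm-admin role carries full administrative rights over the realm, so store this account's password as a privileged secret.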

To connect Keycloak to Torii, follow the steps below:

  1. Go to the Integrations page and select the Keycloak tile
  2. Connect to Keycloak
  3. In the Connect Keycloak window, enter the Host name
  4. Enter the Port
  5. Enter your Realm environment name (from the previous section, step 1)
  6. Enter the Username (from the previous section, step 5)
  7. Enter the Password (from the previous section, step 8)
  8. Enter the Client ID 
  9. Click Connect
  10. Once the integration is connected and synced, it will display a green checkbox

Update the User Lifecycle settings

To ensure you get the user lifecycle information in Torii, define Keycloak as your Identity Provider management system.

  1. Under Settings >> User Lifecycle, click on the Edit button to review the options.
  2. Select Keycloak
  3. If Keycloak is your only source for user management, make sure to uncheck the Azure and Google Workspace checkboxes
  4. Click Preview changes
