Keycloak Integration

Noga Tubi


Torii integrates with Keycloak and syncs users, licenses, and apps discovered by signing in through Keycloak.


To integrate with Torii, you will need to provide the following: Host name, Port, Realm, Username, Password, and Client ID.
Follow the instructions below.

  1. From your Keycloak admin console, select the realm environment you want to sync
  2. From the "Clients" tab, select the client you want to associate with Torii, or create a new client
  3. Make sure that the Direct access grant is checked 
  4. Create an admin user 
  5. Give your user a Username
  6. Enter the user's Email. Note: entering the Email is not mandatory in Keycloak; however, it will help Torii recognize the user
  7. Once you click on "Create," the "User details" window will open
    Go to the Credentials tab and click on Set Password
  8. Set a password
  9. We highly recommend disabling the toggle so that your password does not become "Temporary"
    Click Save
  10. Go to the Role mapping tab
  11. Click on Assign role
  12. Go to the filter and select Filter by clients 
  13. In the search field, write "admin"
  14. Select "realm-admin" on "Realm-management" and click "Assign"
  15. The role was added
  16. To view the application's logins via Keycloak, go to Realm settings >> Events >> User events settings tab, and ensure the "Save events" toggle is enabled
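
A preflight check for the account created above, as an added example that is not part of the original article or Torii's own code: it requests a token with the password grant (which is what the Direct access grant setting permits) and confirms the token carries "realm-admin" under "realm-management". It assumes HTTPS, a public client without a secret, and Keycloak's default role mappers; the function names are this example's own.

```python
import base64
import json
import urllib.error
import urllib.parse
import urllib.request

# Assumptions: HTTPS, public client (no secret), default role mappers on the client.
HINTS = {
    "unauthorized_client": "enable Direct access grant on the client (step 3)",
    "invalid_grant": "check username/password and that the password is not Temporary (steps 5, 8, 9)",
}

def token_request(host, port, realm, client_id, username, password):
    """Password-grant request for the realm token endpoint (older Keycloak adds an /auth prefix)."""
    url = (f"https://{host}:{port}/realms/{urllib.parse.quote(realm, safe='')}"
           "/protocol/openid-connect/token")
    form = {"grant_type": "password", "client_id": client_id, "username": username, "password": password}
    return urllib.request.Request(url, data=urllib.parse.urlencode(form).encode(), method="POST")

def jwt_claims(token):
    """Decode a JWT payload for inspection only; the signature is not verified."""
    payload = token.split(".")[1]
    return json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))

def has_realm_admin(claims):
    """True if the token carries realm-admin from the realm-management client (step 14)."""
    roles = claims.get("resource_access", {}).get("realm-management", {}).get("roles", [])
    return "realm-admin" in roles

def diagnose(error_body):
    """Map a token-endpoint error response (JSON text) to the setup step to revisit."""
    try:
        code = json.loads(error_body).get("error")
    except ValueError:
        code = None
    return HINTS.get(code, "unexpected response; check host, port and realm name")

def check(host, port, realm, client_id, username, password):
    """Live check against Keycloak (needs network access); returns (ok, message)."""
    req = token_request(host, port, realm, client_id, username, password)
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            claims = jwt_claims(json.load(resp)["access_token"])
    except urllib.error.HTTPError as err:
        return False, diagnose(err.read().decode(errors="replace"))
    except urllib.error.URLError as err:
        return False, f"cannot reach Keycloak: {err.reason}"
    ok = has_realm_admin(claims)
    return ok, ("setup verified" if ok else "token lacks realm-admin; repeat steps 10-14")
```

Call `check()` with the same six values you will enter in Torii's Connect Keycloak window.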

To connect Keycloak to Torii, follow the steps below:

  1. Go to the Integrations page and select the Keycloak tile
  2. Connect to Keycloak
  3. In the Connect Keycloak window, enter the Host name 
  4. Enter the Port name 
  5. Enter your Realm environment name (from the previous section, step 1)
  6. Enter the Username (from the previous section, step 5)
  7. Enter the Password (from the previous section, step 8)
  8. Enter the Client ID 
  9. Click Connect
  10. Once the integration is connected and synced, it will display a green checkbox

Update the User Lifecycle settings

To ensure you get the user lifecycle information in Torii, define Keycloak as your Identity Provider management system.

  1. Under Settings >> User Lifecycle, click on the Edit button to review the options.
  2. Select Keycloak
  3. If Keycloak is your only source for user management, make sure to uncheck the Azure and Google Workspace checkboxes
  4. Click Preview changes
