
Create keycloak custom realm in CLI


When I start Keycloak, I start it with Docker using this command:

docker run -p 8080:8080 -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin quay.io/keycloak/keycloak:24.0.2 start-dev

But in this way the realm is already created, and I would like to build a custom realm. So basically when I create the Docker image, I want to create the custom realm. I created it manually and then exported it partially because we can't export it fully.

So my question is: can I start keycloak locally with my custom realm?

I'm using a Mac.


Solution

  • You can create a custom realm with a cURL command on Mac.

    Also, I recommend using Docker Compose with Docker Desktop.

    It helps you not lose your custom realm even if the Docker container is removed.

    If you just use "docker run" and afterwards "docker rm" to remove the container, all of the settings for the realm and users will be lost.

    If you use Docker Compose with a volume, you can keep the Keycloak settings.

    Demo

    Save as docker-compose.yml

    version: '3.8'
    
    services:
      postgres:
        image: postgres:15.6
        container_name: postgres_db
        volumes:
          - postgres_data:/var/lib/postgresql/data
        environment:
          POSTGRES_DB: keycloak
          POSTGRES_USER: keycloak
          POSTGRES_PASSWORD: password
    
      keycloak_web:
        image: quay.io/keycloak/keycloak:24.0.2
        container_name: keycloak_web
        environment:
          KC_DB: postgres
          KC_DB_URL: jdbc:postgresql://postgres:5432/keycloak
          KC_DB_USERNAME: keycloak
          KC_DB_PASSWORD: password
    
          KC_HOSTNAME: localhost
          KC_HOSTNAME_STRICT: "false"
          KC_HOSTNAME_STRICT_HTTPS: "false"
    
          KC_LOG_LEVEL: info
          KC_METRICS_ENABLED: "true"
          KC_HEALTH_ENABLED: "true"
          KEYCLOAK_ADMIN: admin
          KEYCLOAK_ADMIN_PASSWORD: admin
        command: start-dev
        depends_on:
          - postgres
        ports:
          - 8080:8080
    
    volumes:
      postgres_data:
    

    Open Terminal on Mac

    Go to Applications > Utilities > Terminal, or use Spotlight Search (Cmd + Space) and type "Terminal" to open it

    Run docker compose

    docker compose up -d
    


    Open it in a browser

    http://localhost:8080
    

    Credentials

    username: admin
    password: admin
    


    Get the master token with cURL

    MASTER_TOKEN=$(curl --location --request POST http://localhost:8080/realms/master/protocol/openid-connect/token \
    --header 'Content-Type: application/x-www-form-urlencoded' \
    --data-urlencode 'client_id=admin-cli' \
    --data-urlencode 'username=admin' \
    --data-urlencode 'password=admin' \
    --data-urlencode 'grant_type=password' | jq -r '.access_token')
    echo "$MASTER_TOKEN"
    


    Create the custom realm with cURL

    curl --silent --show-error -L -X POST "http://localhost:8080/admin/realms" \
    --header "Content-Type: application/json" \
    --header "Authorization: Bearer $MASTER_TOKEN" \
    --data '{"realm":"demo-realm","enabled":true}'
    


    Note

    The master token's default lifetime is 1 minute.

    So you need to make the call quickly after getting the master token, or extend the lifetime to give more margin for testing.
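
The two cURL steps above combined into one script, as an added example that is not part of the original answer: it requests the token and creates the realm in the same run, so the 1-minute token lifetime is not an issue, and it reports whether the realm was created or already existed. `KC_URL`, `KC_ADMIN_USER` and `KC_ADMIN_PASSWORD` are assumed variable names, and the realm-name character check is this example's own restriction.

```shell
#!/bin/sh
# Added example. KC_URL, KC_ADMIN_USER, KC_ADMIN_PASSWORD are assumed names.
KC_URL="${KC_URL:-http://localhost:8080}"

# This example's own rule: letters, digits, '-' and '_' only, so the name
# cannot break out of the JSON string built in realm_payload.
valid_realm_name() {
  case "$1" in
    ''|*[!A-Za-z0-9_-]*) return 1 ;;
    *) return 0 ;;
  esac
}

realm_payload() {
  valid_realm_name "$1" || return 1
  printf '{"realm":"%s","enabled":true}' "$1"
}

# Outcome of POST /admin/realms by HTTP status (409: name already in use).
classify_status() {
  case "$1" in
    201) echo created ;;
    409) echo exists ;;
    401|403) echo unauthorized ;;
    *) echo error ;;
  esac
}

get_token() {
  curl --silent --show-error --fail --request POST \
    "$KC_URL/realms/master/protocol/openid-connect/token" \
    --data-urlencode 'client_id=admin-cli' --data-urlencode 'grant_type=password' \
    --data-urlencode "username=$KC_ADMIN_USER" \
    --data-urlencode "password=$KC_ADMIN_PASSWORD" | jq -r '.access_token // empty'
}

create_realm() {
  payload=$(realm_payload "$1") || { echo "invalid realm name" >&2; return 2; }
  token=$(get_token)
  [ -n "$token" ] || { echo "no access token returned" >&2; return 3; }
  status=$(curl --silent --output /dev/null --write-out '%{http_code}' \
    --request POST "$KC_URL/admin/realms" \
    --header 'Content-Type: application/json' \
    --header "Authorization: Bearer $token" --data "$payload")
  outcome=$(classify_status "$status")
  echo "$1: $outcome (HTTP $status)"
  [ "$outcome" = created ] || [ "$outcome" = exists ]
}

if [ "$#" -gt 0 ]; then create_realm "$1"; fi  # e.g. sh create-realm.sh demo-realm
```

Export `KC_ADMIN_USER` and `KC_ADMIN_PASSWORD` before running it; an "exists" result lets the script be re-run after `docker compose up -d` without failing.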
