explainx.ainewsletter3.4k

auth-security

Keycloak▌

by haithamoumerzoug

Integrate with Keycloak for user creation, role assignment, group, and client management across realms using Keycloak id

Integrates with Keycloak identity management to enable user creation, role assignment, group management, and client listing across different realms

github stars

★ 10

0 commentsdiscussion

Both formats append explainx.ai attribution and the canonical URL for this MCP server listing.

Uses official Keycloak Admin ClientMulti-realm support

best for

/ Identity administrators managing user accounts
/ DevOps teams automating user provisioning
/ Applications needing Keycloak integration

capabilities

/ Create and delete users in Keycloak realms
/ List all users within specific realms
/ Browse available realms and clients
/ Manage groups across different realms
/ Query realm configurations and settings

what it does

Connects to Keycloak identity management systems to manage users, realms, groups, and clients through a standardized interface.

about

Keycloak is a community-built MCP server published by haithamoumerzoug that provides AI assistants with tools and capabilities via the Model Context Protocol. Integrate with Keycloak for user creation, role assignment, group, and client management across realms using Keycloak id It is categorized under auth security.

how to install

You can install Keycloak in your AI client of choice. Use the install panel on this page to get one-click setup for Cursor, Claude Desktop, VS Code, and other MCP-compatible clients. This server runs locally on your machine via the stdio transport.

license

MIT

Keycloak is released under the MIT license. This is a permissive open-source license, meaning you can freely use, modify, and distribute the software.

readme

Keycloak MCP Server

A Model Context Protocol (MCP) server implementation for Keycloak, providing a standardized interface for managing Keycloak users and realms.

<a href="https://glama.ai/mcp/servers/@HaithamOumerzoug/keycloak-mcp"> <img width="380" height="200" src="https://glama.ai/mcp/servers/@HaithamOumerzoug/keycloak-mcp/badge" alt="Keycloak Server MCP server" /> </a>

Description

This project implements an MCP server that integrates with Keycloak, allowing you to manage Keycloak users and realms through a standardized protocol. It uses the official Keycloak Admin Client to interact with Keycloak's API.

Feature Demo

https://github.com/user-attachments/assets/4b02a049-b8d6-4cc5-a7b4-564a0e758dd8

Available Tools

create-user

Creates a new user in a specified realm.

Inputs:

realm: The realm name
username: Username for the new user
email: Email address for the user
firstName: User's first name
lastName: User's last name

delete-user

Deletes a user from a specified realm.

Inputs:

realm: The realm name
userId: The ID of the user to delete

list-realms

Lists all available realms.

list-users

Lists all users in a specified realm.

Inputs:

realm: The realm name

list-clients

Lists all clients in a specified realm.

Inputs:

realm: The realm name

list-groups

Lists all groups in a specified realm.

Inputs:

realm: The realm name

list-client-roles

Lists all roles for a specific client in a realm.

Inputs:

realm: The realm name
clientUniqueId: The unique ID of the client

assign-client-role-to-user

Assigns a client role to a specific user.

Inputs:

realm: The realm name
userId: The ID of the user
clientUniqueId: The unique ID of the client
roleName: The name of the role to assign

add-user-to-group

Adds a user to a specific group.

Inputs:

realm: The realm name
userId: The ID of the user
groupId: The ID of the group

Prerequisites

Node.js (Latest LTS version recommended)
npm
A running Keycloak instance

Installation

Installing via Smithery

To install keycloak-mcp for Claude Desktop automatically via Smithery:

$ npx -y @smithery/cli install @HaithamOumerzoug/keycloak-mcp --client claude

Installing via NPM

Configure environment:

You can set configuration options using command-line arguments or environment variables:
- --keycloak-url <Keycloak Instance URL>
- --keycloak-admin <Admin Username>
- --keycloak-admin-password <Admin Password>
These arguments override environment variables if both are set.

Start the server:

The server is available as an NPM package:

# Direct usage with npx
$ npx -y keycloak-mcp --keycloak-url <Keycloak Instance URL> --keycloak-admin <Admin Username> --keycloak-admin-password <Admin Password>

# Or global installation
$ npm install -g keycloak-mcp@latest
$ keycloak-mcp --keycloak-url <Keycloak Instance URL> --keycloak-admin <Admin Username> --keycloak-admin-password <Admin Password>

Configuration

Using NPM Package

Configure the server in your Cursor IDE, Cline or Claude Desktop MCP configuration file:

{
  "mcpServers": {
    "keycloak": {
      "command": "npx",
      "args": ["-y", "keycloak-mcp"],
      "env": {
        "KEYCLOAK_URL": "http://localhost:8080",
        "KEYCLOAK_ADMIN": "admin",
        "KEYCLOAK_ADMIN_PASSWORD": "admin"
      }
    }
  }
}

For Local Development

{
  "mcpServers": {
    "keycloak": {
      "command": "node",
      "args": ["path/to/dist/server.js"],
      "env": {
        "KEYCLOAK_URL": "http://localhost:8080",
        "KEYCLOAK_ADMIN": "admin",
        "KEYCLOAK_ADMIN_PASSWORD": "admin"
      }
    }
  }
}

Development

To set up the development environment:

Clone the repository
Install dependencies:
```
npm install
```

Set env vars

cp .env.template .env
# Edit the .env file and set all variables with the appropriate values

Start the project:
```
npm run dev
```

Available Scripts

npm run build - Builds the project and makes the CLI executable
npm run prepare - Runs the build script (used during package installation)
npm run dev - Watches for changes and rebuilds automatically
npm start - Starts the server (for production)

Dependencies

Main Dependencies

@keycloak/keycloak-admin-client - Official Keycloak Admin Client
@modelcontextprotocol/sdk - MCP SDK for standardized protocol implementation
zod - TypeScript-first schema validation
chalk - Terminal string styling
yargs - Parsing command-line arguments

Dev Dependencies

typescript - For TypeScript support
@types/node - TypeScript definitions for Node.js
shx - Cross-platform shell commands
ts-node - TypeScript execution and REPL for Node.js
rimraf - A cross-platform tool to remove directories
@types/yargs - TypeScript definitions for yargs

License

MIT

Author

OUMERZOUG Haitham

FAQ

What is the Keycloak MCP server?: Keycloak is a Model Context Protocol (MCP) server profile on explainx.ai. MCP lets AI hosts (e.g. Claude Desktop, Cursor) call tools and resources through a standard interface; this page summarizes categories, install hints, and community ratings.
How do MCP servers relate to agent skills?: Skills are reusable instruction packages (often SKILL.md); MCP servers expose live capabilities. Teams frequently combine both—skills for workflows, MCP for APIs and data. See explainx.ai/skills and explainx.ai/mcp-servers for parallel directories.
How are reviews shown for Keycloak?: This profile displays 48 aggregated ratings (sample rows for discoverability plus signed-in user reviews). Average score is about 4.8 out of 5—verify behavior in your own environment before production use.

Use Cases▌

Extended AI Capabilities

Add new capabilities to Claude beyond text generation

Example

Access external data sources, execute code, interact with tools and services

✓

Transform Claude from chatbot to action-taking agent

Context Enhancement

Provide Claude with access to relevant context and data

Example

Load project documentation, access knowledge bases, query databases

✓

Get more accurate, context-aware responses

Workflow Automation

Automate multi-step workflows combining AI and external tools

Example

Research → Summarize → Create document → Send notification

✓

Complete complex tasks end-to-end without manual steps

Implementation Guide▌

Prerequisites

›Claude Desktop 0.7.0+ or Cursor IDE with MCP support
›Basic understanding of MCP architecture and capabilities
›Access credentials for integrated services (if required)
›Willingness to experiment and iterate on configuration

Time Estimate

15-60 minutes depending on server complexity

Installation Steps

1.Install MCP server: npm install -g [package-name] or via GitHub
2.Add server configuration to ~/.claude/mcp.json
3.Provide required credentials and configuration
4.Restart Claude Desktop to load new server
5.Test basic functionality with simple prompts
6.Explore capabilities and experiment with use cases
7.Document successful patterns for reuse

Troubleshooting

⚠MCP server not loading: Check config syntax, verify installation
⚠Connection errors: Check network, firewall, credentials
⚠Feature not working: Read server docs, check required parameters
⚠Performance issues: Monitor resource usage, check for network latency
⚠Conflicts with other servers: Check port assignments, namespace collisions

Best Practices▌

✓ Do

+Read server documentation thoroughly before setup
+Start with simple use cases to validate functionality
+Test in non-production environment first
+Monitor resource usage and performance
+Keep servers updated for bug fixes and new features
+Document configuration for team members
+Use environment variables for sensitive configuration

✗ Don't

−Don't grant overly permissive access to MCP servers
−Don't skip reading security considerations in docs
−Don't expose sensitive data without proper controls
−Don't run untrusted MCP servers without code review
−Don't ignore error messages—investigate root cause

💡 Pro Tips

★Combine multiple MCP servers for powerful workflows
★Create custom MCP servers for your specific needs
★Share successful configurations with team
★Use MCP inspector for debugging
★Join MCP community for tips and troubleshooting

Technical Details▌

Architecture

Model Context Protocol standardizes how AI hosts (Claude, Cursor) communicate with external tools and data sources through server implementations.

Protocols

Model Context Protocol (MCP)
JSON-RPC 2.0
stdio or HTTP transport

Compatibility

Claude Desktop
Cursor IDE
Custom MCP clients

When to Use This▌

✓ Use When

Use when you need Claude to access external data, execute actions, or integrate with tools. Best for extending AI capabilities beyond conversation.

✗ Avoid When

Avoid when native integrations exist (use official APIs directly), for real-time critical systems, or when security/compliance requires zero external dependencies.

Integration▌

→Tool composition: Chain multiple MCP tools in workflows
→Context augmentation: Provide AI with relevant external data
→Action delegation: Let AI execute tasks on external systems
→Bidirectional sync: Keep AI context and external systems in sync

Discussion

Product Hunt–style comments (not star reviews)

No comments yet — start the thread.

List & Promote Your MCP Server

Share your MCP server with the developer community

GET_STARTED →

MCP server reviews

Ratings

4.8★★★★★48 reviews

★★★★★Amina Patel· Dec 24, 2024
Useful MCP listing: Keycloak is the kind of server we cite when onboarding engineers to host + tool permissions.
★★★★★Aarav Robinson· Dec 24, 2024
Strong directory entry: Keycloak surfaces stars and publisher context so we could sanity-check maintenance before adopting.
★★★★★Emma Desai· Dec 4, 2024
Keycloak reduced integration guesswork — categories and install configs on the listing matched the upstream repo.
★★★★★Emma Agarwal· Nov 23, 2024
I recommend Keycloak for teams standardizing on MCP; the explainx.ai page compares cleanly with sibling servers.
★★★★★Isabella Garcia· Nov 19, 2024
We wired Keycloak into a staging workspace; the listing’s GitHub and npm pointers saved time versus hunting across READMEs.
★★★★★Ren Harris· Nov 15, 2024
Strong directory entry: Keycloak surfaces stars and publisher context so we could sanity-check maintenance before adopting.
★★★★★Kabir White· Nov 15, 2024
Useful MCP listing: Keycloak is the kind of server we cite when onboarding engineers to host + tool permissions.
★★★★★Ishan Brown· Oct 14, 2024
Strong directory entry: Keycloak surfaces stars and publisher context so we could sanity-check maintenance before adopting.
★★★★★Emma Sanchez· Oct 10, 2024
Keycloak is a well-scoped MCP server in the explainx.ai directory — install snippets and categories matched our Claude Code setup.
★★★★★Ren Zhang· Oct 6, 2024
I recommend Keycloak for teams standardizing on MCP; the explainx.ai page compares cleanly with sibling servers.

showing 1-10 of 48

1 / 5