AMT Help Files

Keycloak

 This information is incomplete.

Installation

Download and extract the latest version of Keycloak.

Keycloak Setup

Starting Keycloak

  1. Open a terminal and navigate to the keycloak-<version>\bin folder.
  2. Enter the following command to start Keycloak:
    kc.bat start-dev
    Warning: Using the start-dev parameter is only meant for the first time setup. It is not recommended for production environments.
  3. Open a web browser and browse to localhost:8080.

Creating An Admin Account

  1. Fill the form with a username and password to create the admin account.
  2. Click the Open Administration Console button and log in with the admin account.
  3. Navigate to http://localhost:8080/admin to access the Admin Console.
  4. Log in using the credentials of the admin account.

Creating A Realm And A User

  1. In the Administration Console, click on the drop-down menu at the top-left of the page and select Create realm.
  2. Enter a name for the realm, for example "AMTRealm", and click the Create button.
  3. Within the newly created realm, click Users in the menu on the left side.
  4. Click Create new user.
  5. Enter a value for the following fields:
    1. Username
    2. First name
    3. Last name
  6. Click the Create button.
  7. Click Credentials.
  8. Enter a password for the new user.
  9. Confirm the password by re-entering it in the Password confirmation field.
  10. Click the Save button.

Optional – Verifying User Configuration

  1. Navigate to http://localhost:8080/realms/myrealm/account to open the Account Console, replacing myrealm with the name of the realm created in the previous section.
  2. Log in using the credentials of the user created in the previous section.
  3. From the Account Console, the user configuration can be verified and the account and profile can be managed.

Securing An Application

  1. Navigate to http://localhost:8080/admin to access the Admin Console.
  2. Within the realm, click Clients in the sidebar menu, then click the Create client button.
  3. In the General settings menu, configure the following:
    1. Client type: OpenID Connect
    2. Client ID: amt-java-cc
    3. Name: AMT Java Control Center
  4. Click the Next button.
  5. Leave the Capability settings as is and click the Next button.
  6. Configure the following Login settings:
    1. Root URL: http://localhost:4200
    2. Home URL: http://localhost:4200
    3. Valid redirect URIs:
      1. http://localhost:4200/*
      2. http://localhost:4300/*
    4. Valid post logout redirect URIs: None
    5. Web origins:
      1. http://localhost:4200
      2. http://localhost:4300

Creating A Client Scope

  1. Navigate to Client scopes in the sidebar menu, then click the Create client scope button.
  2. Configure the following Client scope settings:
    1. Name: audience_scope
    2. Description: A scope to append correct audiences to access tokens
    3. Type: None
  3. Click the Save button.
  4. Click the Mappers tab and click on Configure a new mapper to configure the following:
    1. Name: audience mapper
    2. Included Client Audience: amt-java-cc
    3. Add to access token: On
  5. Click the Save button.
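
Added example (not part of the AMT help files or of Keycloak): a Python check that an access token carries the amt-java-cc audience that the audience mapper above is meant to add, handling both the string and the array form of the aud claim. It assumes the realm is named AMTRealm with issuer http://localhost:8080/realms/AMTRealm; the function names are hypothetical and the tokens are constructed, unsigned samples. It only reads claims to confirm the configuration; an application accepting tokens must verify the signature first.

```python
import base64
import json

def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def read_claims(token: str) -> dict:
    """Decode the payload of a compact JWT. Does NOT verify the signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS: expected 3 dot-separated segments")
    return json.loads(b64url_decode(parts[1]))

def audience_problems(claims: dict, expected_aud: str, expected_iss: str) -> list:
    """Return a list of findings; an empty list means the claims look right."""
    problems = []
    aud = claims.get("aud")
    # RFC 7519: "aud" may be a single string or an array of strings.
    audiences = [aud] if isinstance(aud, str) else list(aud or [])
    if expected_aud not in audiences:
        problems.append(f"aud {audiences!r} does not include {expected_aud!r}")
    if claims.get("iss") != expected_iss:
        problems.append(f"iss {claims.get('iss')!r} != {expected_iss!r}")
    return problems

def make_sample_token(claims: dict) -> str:
    # Constructed, unsigned sample for offline use; not a real Keycloak token.
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'typ': 'JWT'})}.{enc(claims)}.c2lnbmF0dXJl"

ISSUER = "http://localhost:8080/realms/AMTRealm"  # assumes the example realm name
# Constructed claim sets: one as expected with the mapper applied, one without it.
WITH_MAPPER = make_sample_token({"iss": ISSUER, "aud": ["amt-java-cc", "account"], "azp": "amt-java-cc"})
WITHOUT_MAPPER = make_sample_token({"iss": ISSUER, "aud": "account", "azp": "amt-java-cc"})

if __name__ == "__main__":
    for name, tok in (("with mapper", WITH_MAPPER), ("without mapper", WITHOUT_MAPPER)):
        print(name, audience_problems(read_claims(tok), "amt-java-cc", ISSUER) or "OK")
```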