Red Hat Integration - Service Registry
  • Preface
  • Installation
    • Setting Up Project
    • PostgreSQL Database Deployment
      • Install Crunchy Postgres for Kubernetes Operator
      • Deploy PostgreSQL Database
    • Service Registry Deployment
      • Install Service Registry Operator
      • Configuring Service Registry
  • Testing
    • Testing Service Registry
    • REST API Testing Using Postman
    • Performance Testing Using hey
  • Security
    • Securing Service Registry
    • Red Hat Single Sign-On Deployment
      • Installing Red Hat Single Sign-On Operator
      • Deploy Red Hat Single Sign-On
      • Create Keycloak Realm For Service Registry
    • Configuring Service Registry
      • Service Registry with HTTPS
      • Service Registry without HTTPS (less secure)
      • Configuring Service Registry
      • Enable HTTP Basic Authentication
      • Enable Annonymous Read Access
      • Enable Role-Based Authorization
    • Testing Secure Service Registry API
  • Client Application
    • Create SSO Client for Application
    • Kafka Client Application
  • Appendix
    • CRD References
    • Installation Helper Script
    • Service Registry & SSO Integration with Self-Signed Certificate
Powered by GitBook
On this page
  1. Security
  2. Red Hat Single Sign-On Deployment

Create Keycloak Realm For Service Registry

PreviousDeploy Red Hat Single Sign-OnNextConfiguring Service Registry

Last updated 2 years ago

  1. Switch to Administrator view then click Installed Operators and Red Hat Single Sign-On Operator, and click the Keycloak Realm tab, and then Create KeycloakRealm button to create a new realm.

  2. Change to YAML view then copy the conent in and past into the editor. Edit the realm name, redirectUris, webOrigins, username, password etc. values as you need. Then click on Create button.

    You must customize this KeycloakRealm resource with values suitable for your environment if you are deploying to production i.e. realm name, redirectUris, webOrigins, username, password etc. You can also create and manage realms using the Red Hat Single Sign-On web console.

    The configuration in file will create following resources in SSO/Keycloak:

    Realm

    ID

    Display Name

    registry

    Registry

    Role

    Name

    Capabilities

    sr-admin

    Full access, no restrictions.

    sr-developer

    Create artifacts and configure artifact rules. Cannot modify global rules, perform import/export, or use /admin REST API endpoint.

    sr-readonly

    View and search only. Cannot modify artifacts or rules, perform import/export, or use /admin REST API endpoint.

    Client

    Client ID

    Description

    registry-client-ui

    Keycloak client used by Service Registry web console.

    registry-client-api

    Used by Service Registry API client.

    User

    Username

    Password

    Role

    registry-admin

    changeme

    sr-admin

    registry-developer

    changeme

    sr-developer

    registry-user

    changeme

    sr-readonly

  3. Go to Workloads -> Secrets menu, look for credential-keycloak secret and click on it. Then click on Reveal values link to see Keycloak Admin username and password.

  4. Open Keycloak web console, click on Administration Console link. Then sign in with username and password from the previous step.

  5. Select the Registry realm (or the realm you've just created above), then click Users menu, and then click View all users button. You should be able to see a list of users as configured in YAML in the step 2 above.

keycloak-realm.yaml
keycloak-realm.yaml
Realm setup
Realm setup
Realm setup
Realm setup
Realm setup
Realm setup
Realm setup
Realm setup