Keycloak Configuration¶
Follow these steps to enable Keycloak integration with Cartography.
Create your client in Keycloak
Log into the Keycloak admin console
Inside the
master
realm, create a new client:Under General settings, set the client type to
OpenID Connect
In the Capability config section, enable only
Client authentication
, and check onlyService account roles
Go to the Credentials tab of your client and copy the client secret
Store the client secret in an environment variable. You’ll need to pass the variable name to Cartography using the
--keycloak-client-secret-env-var
CLI flagProvide the client ID using the
--keycloak-client-id
parameter
Set the base URL of your Keycloak instance with the
--keycloak-url
parameterIf you created your client in a realm other than
master
, specify it using the--keycloak-realm
parameter