Skip to content

Setting up Keycloak for basebox

See also our Authorization Guide.

About KeyCloak

KeyCloak is an open source Identity and Access Management server that is officially supported by basebox. This can be self-hosted, either on a physical server or as a container (there are official images for Docker, Podman, Kubernetes and OpenShift).


  1. Once you have installed KeyCloak, log in.
  2. Create a new Realm by clicking on the dropdown on the left hand side menu. The dropdown should currently say master. Once you've clicked on the dropdown, you will see Create realm. Enter a realm name, this could be the name of your project.
  3. Now create a new client by going to Clients and clicking on Create client. The client represents your application.
  4. Note that, depending on the type of application that you are building, you can turn Client Authentication on. Client Authentication will create a client secret to use with authentication (this would be used more with server to server authentication for example, but should not be used on a front-end application). You can also use the client secret to get an access token on the command line if required. If you don't enable it, there are other means to get an access token (see Testing).

Last update: 2023-12-19