Skip to main content
Glama

Keycloak MCP Server

Keycloak MCP Server

npm version License: MIT Downloads Node version smithery badge

A Model Context Protocol (MCP) server implementation for Keycloak, providing a standardized interface for managing Keycloak users and realms.

Description

This project implements an MCP server that integrates with Keycloak, allowing you to manage Keycloak users and realms through a standardized protocol. It uses the official Keycloak Admin Client to interact with Keycloak's API.

Feature Demo

https://github.com/user-attachments/assets/4b02a049-b8d6-4cc5-a7b4-564a0e758dd8

Available Tools

create-user

Creates a new user in a specified realm.

Inputs:

  • realm: The realm name

  • username: Username for the new user

  • email: Email address for the user

  • firstName: User's first name

  • lastName: User's last name

delete-user

Deletes a user from a specified realm.

Inputs:

  • realm: The realm name

  • userId: The ID of the user to delete

list-realms

Lists all available realms.

list-users

Lists all users in a specified realm.

Inputs:

  • realm: The realm name

list-clients

Lists all clients in a specified realm.

Inputs:

  • realm: The realm name

list-groups

Lists all groups in a specified realm.

Inputs:

  • realm: The realm name

list-client-roles

Lists all roles for a specific client in a realm.

Inputs:

  • realm: The realm name

  • clientUniqueId: The unique ID of the client

assign-client-role-to-user

Assigns a client role to a specific user.

Inputs:

  • realm: The realm name

  • userId: The ID of the user

  • clientUniqueId: The unique ID of the client

  • roleName: The name of the role to assign

add-user-to-group

Adds a user to a specific group.

Inputs:

  • realm: The realm name

  • userId: The ID of the user

  • groupId: The ID of the group

Prerequisites

  • Node.js (Latest LTS version recommended)

  • npm

  • A running Keycloak instance

Installation

Installing via Smithery

To install keycloak-mcp for Claude Desktop automatically via Smithery:

$ npx -y @smithery/cli install @HaithamOumerzoug/keycloak-mcp --client claude

Installing via NPM

Configure environment:

  • You can set configuration options using command-line arguments or environment variables:

    • --keycloak-url <Keycloak Instance URL>

    • --keycloak-admin <Admin Username>

    • --keycloak-admin-password <Admin Password>

  • These arguments override environment variables if both are set.

Start the server:

The server is available as an NPM package:

# Direct usage with npx $ npx -y keycloak-mcp --keycloak-url <Keycloak Instance URL> --keycloak-admin <Admin Username> --keycloak-admin-password <Admin Password> # Or global installation $ npm install -g keycloak-mcp@latest $ keycloak-mcp --keycloak-url <Keycloak Instance URL> --keycloak-admin <Admin Username> --keycloak-admin-password <Admin Password>

Configuration

Using NPM Package

Configure the server in your Cursor IDE, Cline or Claude Desktop MCP configuration file:

{ "mcpServers": { "keycloak": { "command": "npx", "args": ["-y", "keycloak-mcp"], "env": { "KEYCLOAK_URL": "http://localhost:8080", "KEYCLOAK_ADMIN": "admin", "KEYCLOAK_ADMIN_PASSWORD": "admin" } } } }

For Local Development

{ "mcpServers": { "keycloak": { "command": "node", "args": ["path/to/dist/server.js"], "env": { "KEYCLOAK_URL": "http://localhost:8080", "KEYCLOAK_ADMIN": "admin", "KEYCLOAK_ADMIN_PASSWORD": "admin" } } } }

Development

To set up the development environment:

  1. Clone the repository

  2. Install dependencies:

    npm install
  3. Set env vars

    cp .env.template .env # Edit the .env file and set all variables with the appropriate values
  4. Start the project:

    npm run dev

Available Scripts

  • npm run build - Builds the project and makes the CLI executable

  • npm run prepare - Runs the build script (used during package installation)

  • npm run dev - Watches for changes and rebuilds automatically

  • npm start - Starts the server (for production)

Dependencies

Main Dependencies

  • @keycloak/keycloak-admin-client - Official Keycloak Admin Client

  • @modelcontextprotocol/sdk - MCP SDK for standardized protocol implementation

  • zod - TypeScript-first schema validation

  • chalk - Terminal string styling

  • yargs - Parsing command-line arguments

Dev Dependencies

  • typescript - For TypeScript support

  • @types/node - TypeScript definitions for Node.js

  • shx - Cross-platform shell commands

  • ts-node - TypeScript execution and REPL for Node.js

  • rimraf - A cross-platform tool to remove directories

  • @types/yargs - TypeScript definitions for yargs

License

MIT

Author

OUMERZOUG Haitham

Deploy Server
A
security – no known vulnerabilities
A
license - permissive license
A
quality - confirmed to work

remote-capable server

The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.

A Model Context Protocol server that enables management of Keycloak users and realms through a standardized interface, providing tools for user creation, deletion, role assignment, and group management.

  1. Description
    1. Feature Demo
      1. Available Tools
        1. create-user
        2. delete-user
        3. list-realms
        4. list-users
        5. list-clients
        6. list-groups
        7. list-client-roles
        8. assign-client-role-to-user
        9. add-user-to-group
      2. Prerequisites
        1. Installation
          1. Installing via Smithery
          2. Installing via NPM
        2. Configuration
          1. Using NPM Package
          2. For Local Development
        3. Development
          1. Available Scripts
        4. Dependencies
          1. Main Dependencies
          2. Dev Dependencies
        5. License
          1. Author

            Related MCP Servers

            • A
              security
              F
              license
              A
              quality
              A Model Context Protocol server that provides tools to manage Keycloak users and realms, allowing you to create and delete users, list available realms, and view users in specific realms.
              Last updated -
              4
              22
              32
            • A
              security
              A
              license
              A
              quality
              A Model Context Protocol server that enables managing Terrakube infrastructure through natural language, handling workspace management, variables, modules, and organization operations.
              Last updated -
              16
              1
              2
              Apache 2.0
            • A
              security
              F
              license
              A
              quality
              A Model Context Protocol server implementation that provides endpoints for wallet-based authentication, cluster management, and name registration services.
              Last updated -
              1
            • -
              security
              F
              license
              -
              quality
              A Model Context Protocol server that integrates with Slack API, allowing users to send messages, view channel history, manage channels, send direct messages, and retrieve user lists from Slack workspaces.
              Last updated -
              1
              • Apple
              • Linux

            View all related MCP servers

            MCP directory API

            We provide all the information about MCP servers via our MCP API.

            curl -X GET 'https://glama.ai/api/mcp/v1/servers/HaithamOumerzoug/keycloak-mcp'

            If you have feedback or need assistance with the MCP directory API, please join our Discord server