Keycloak MCP Server

Instructions

Implementation Reference

• src/services/keycloak.ts:28-40 (handler)

  The core handler function that executes the create-user tool logic: parses input with Zod schema and creates user using Keycloak Admin Client.
  public async createUser(args: unknown): Promise<string> { const { realm, username, email, firstName, lastName } = CreateUserSchema.parse(args); const user: UserRepresentation = await this.kcAdminClient.users.create({ realm, username, email, firstName, lastName, enabled: true, }); return `User created successfully. User ID: ${user.id}`; }
• src/schemas/index.ts:47-57 (schema)

  JSON Schema definition for the 'create-user' tool input, referenced in tool registration.
  "create-user": { type: "object", properties: { realm: { type: "string" }, username: { type: "string" }, email: { type: "string", format: "email" }, firstName: { type: "string" }, lastName: { type: "string" }, }, required: ["realm", "username", "email", "firstName", "lastName"], },
• src/schemas/index.ts:3-9 (schema)

  Zod validation schema for create-user arguments, used inside the handler for input parsing.
  export const CreateUserSchema = z.object({ realm: z.string(), username: z.string(), email: z.string().email(), firstName: z.string(), lastName: z.string(), });
• src/server.ts:36-40 (registration)

  Tool registration in the listTools handler: defines name, description, and input schema.
  { name: "create-user", description: "Create a new user in a specific realm", inputSchema: InputSchema["create-user"], },
• src/server.ts:95-100 (handler)

  Dispatch case in the callToolRequest handler that invokes the createUser service method.
  case "create-user": return { content: [ { type: "text", text: await keycloakService.createUser(args) }, ], };