Advanced Keycloak MCP server

Instructions

Implementation Reference

• src/index.ts:105-134 (handler)

  Core handler function in KeycloakService that creates a new user using the Keycloak Admin Client API.
  async createUser(params: { realm: string; username: string; email: string; firstName: string; lastName: string; enabled?: boolean; emailVerified?: boolean; credentials?: Array<{ type: string; value: string; temporary?: boolean; }>; }) { await this.authenticate(); this.client.setConfig({ realmName: params.realm }); const user = await this.client.users.create({ realm: params.realm, username: params.username, email: params.email, firstName: params.firstName, lastName: params.lastName, enabled: params.enabled !== undefined ? params.enabled : true, emailVerified: params.emailVerified, credentials: params.credentials, }); return user; }
• src/index.ts:497-508 (handler)

  MCP tool handler in the callTool request handler that processes 'create-user' tool calls by validating input and delegating to KeycloakService.
  case "create-user": { const params = CreateUserSchema.parse(args); const user = await keycloakService.createUser(params); return { content: [ { type: "text", text: `User created successfully. User ID: ${user.id}`, }, ], }; }
• src/index.ts:443-460 (schema)

  Zod schema for validating input parameters to the create-user tool.
  const CreateUserSchema = z.object({ realm: z.string(), username: z.string(), email: z.string().email(), firstName: z.string(), lastName: z.string(), enabled: z.boolean().default(true), emailVerified: z.boolean().optional(), credentials: z .array( z.object({ type: z.string(), value: z.string(), temporary: z.boolean().optional(), }) ) .optional(), });
• src/index.ts:336-363 (schema)

  Input schema advertised to clients in the listTools response for the create-user tool.
  name: "create-user", description: "Create a new user in a specific realm", inputSchema: { type: "object", properties: { realm: { type: "string", description: "Realm name" }, username: { type: "string", description: "Username for the new user" }, email: { type: "string", format: "email", description: "Email address for the new user" }, firstName: { type: "string", description: "First name of the user" }, lastName: { type: "string", description: "Last name of the user" }, enabled: { type: "boolean", description: "Whether the user is enabled", default: true }, emailVerified: { type: "boolean", description: "Whether the email is verified" }, credentials: { type: "array", items: { type: "object", properties: { type: { type: "string", description: "Credential type (e.g., 'password')" }, value: { type: "string", description: "Credential value" }, temporary: { type: "boolean", description: "Whether the credential is temporary" }, }, required: ["type", "value"], }, description: "User credentials", }, }, required: ["realm", "username", "email", "firstName", "lastName"], },
• src/index.ts:335-364 (registration)

  Registration of the create-user tool in the listTools response.
  { name: "create-user", description: "Create a new user in a specific realm", inputSchema: { type: "object", properties: { realm: { type: "string", description: "Realm name" }, username: { type: "string", description: "Username for the new user" }, email: { type: "string", format: "email", description: "Email address for the new user" }, firstName: { type: "string", description: "First name of the user" }, lastName: { type: "string", description: "Last name of the user" }, enabled: { type: "boolean", description: "Whether the user is enabled", default: true }, emailVerified: { type: "boolean", description: "Whether the email is verified" }, credentials: { type: "array", items: { type: "object", properties: { type: { type: "string", description: "Credential type (e.g., 'password')" }, value: { type: "string", description: "Credential value" }, temporary: { type: "boolean", description: "Whether the credential is temporary" }, }, required: ["type", "value"], }, description: "User credentials", }, }, required: ["realm", "username", "email", "firstName", "lastName"], }, },