Keycloak MCP Server
Provides tools for Keycloak admin operations, including managing users, clients, groups, roles, and sessions.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Keycloak MCP Serverlist all users in the master realm"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Keycloak MCP Server
An MCP (Model Context Protocol) server that exposes Keycloak admin operations as tools. It runs over stdio and is launched by an MCP client (Claude Desktop, Claude Code, the MCP Inspector, etc.).
Built on @modelcontextprotocol/sdk
and @keycloak/keycloak-admin-client.
Table of Contents
Related MCP server: Keycloak MCP Server
How it works
The server authenticates to Keycloak using the client_credentials grant (a service account) — no username/password required.
A single shared
KeycloakAdminClientis kept alive with lazy token management: the token is re-fetched only when it is within ~10s of expiry.Every tool takes a
realmargument identifying which realm the operation targets. This is distinct fromKEYCLOAK_REALM, which is only the realm used to authenticate the admin service account.Users are addressed by username, clients by clientId, groups by path or name, and roles by name — no UUIDs required in tool arguments.
All diagnostic logging goes to stderr; stdout is reserved for the MCP protocol.
Requirements
Node.js 18+ (Node 22 recommended)
A running Keycloak instance (v26.x tested)
A confidential client with a service account that has admin roles (see below)
Environment variables
Loaded from a .env file at the project root.
Variable | Required | Default | Description |
| no |
| Base URL of the Keycloak server. |
| no |
| Realm used for admin authentication (where the service-account client lives). Not the target realm of operations. |
| yes | — | The confidential client's |
| yes | — | The service account client secret. Keep this out of version control. |
Example .env:
KEYCLOAK_BASE_URL=http://localhost:8080
KEYCLOAK_REALM=master
KEYCLOAK_CLIENT_ID=keycloak-mcp
KEYCLOAK_CLIENT_SECRET=your-service-account-secret⚠️ Add
.envto.gitignore. The secret is a full admin credential.
Keycloak setup (service account)
In the realm that will authenticate the server (usually
master), create a client (e.g.keycloak-mcp):Client authentication: On (confidential)
Service accounts roles: Enabled
Standard/Direct-access flows can be off.
Copy the client secret from Credentials into
KEYCLOAK_CLIENT_SECRET.Grant the service account admin roles under Service account roles:
For full access: assign the
adminrole (orrealm-adminfrom therealm-managementclient of each target realm).For read-only usage: assign roles like
view-users,view-clients,view-realm,query-users,query-clients.Write tools (create/update/delete user, reset password, assign roles, group membership, send email, logout) additionally need
manage-usersandmanage-clients.Realm-level writes (
set-realm-enabled,create-realm-role,delete-realm-role,create-group,delete-group) needmanage-realm.impersonate-userneeds theimpersonationrole.create-client/regenerate-client-secretneedmanage-clients.
Install & run
npm install
npm run dev # Run the server over stdio, loading .env
npm run inspect # Launch the MCP Inspector against the server for interactive testingnpm run dev runs the TypeScript entry point directly via tsx --env-file=.env src/index.ts.
There is no separate build step.
Integrate with Claude
Claude Code (CLI)
The simplest, self-contained registration points the project's local tsx binary at the
entry file and loads secrets from .env (so no secrets appear on the command line):
# From the project root
P="$(pwd)"
claude mcp add keycloak --scope user -- \
"$P/node_modules/.bin/tsx" --env-file="$P/.env" "$P/src/index.ts"Verify it connected:
claude mcp list
# keycloak: .../tsx --env-file=.../.env .../src/index.ts - ✔ ConnectedPrefer passing env vars explicitly instead of an .env file? Use --env flags:
P="$(pwd)"
claude mcp add keycloak --scope user \
--env KEYCLOAK_BASE_URL=http://localhost:8080 \
--env KEYCLOAK_REALM=master \
--env KEYCLOAK_CLIENT_ID=keycloak-mcp \
--env KEYCLOAK_CLIENT_SECRET=your-service-account-secret \
-- "$P/node_modules/.bin/tsx" "$P/src/index.ts"To remove it later: claude mcp remove keycloak.
Claude Desktop
Edit the MCP config file:
macOS:
~/Library/Application Support/Claude/claude_desktop_config.jsonWindows:
%APPDATA%\Claude\claude_desktop_config.json
Add a keycloak entry under mcpServers (use absolute paths):
{
"mcpServers": {
"keycloak": {
"command": "/absolute/path/to/keycloak-mcp/node_modules/.bin/tsx",
"args": [
"--env-file=/absolute/path/to/keycloak-mcp/.env",
"/absolute/path/to/keycloak-mcp/src/index.ts"
]
}
}
}Or pass credentials inline via env instead of --env-file:
{
"mcpServers": {
"keycloak": {
"command": "/absolute/path/to/keycloak-mcp/node_modules/.bin/tsx",
"args": ["/absolute/path/to/keycloak-mcp/src/index.ts"],
"env": {
"KEYCLOAK_BASE_URL": "http://localhost:8080",
"KEYCLOAK_REALM": "master",
"KEYCLOAK_CLIENT_ID": "keycloak-mcp",
"KEYCLOAK_CLIENT_SECRET": "your-service-account-secret"
}
}
}
}Restart Claude Desktop. The Keycloak tools then appear in the tools (🔨) menu.
MCP Inspector
npm run inspectOpens the Inspector UI where you can browse and invoke each tool interactively.
Tools reference
All tools take a realm argument (the target realm) unless noted. Identifiers are
human-readable: users by username, clients by clientId, groups by path/name, roles
by name. List tools support first/max pagination (default first=0, max=50, max 200).
Read — Users
Tool | Description | Arguments |
| List users (id, username, email, enabled, federation link). |
|
| Get a single user by username, with profile fields and attributes. Optionally include groups and realm roles. |
|
| Count users, optionally matching a search term. Handy before paginating. |
|
| List the groups a user is a direct member of (id, name, path). |
|
| List a user's directly-assigned role mappings: realm roles plus client roles grouped by client. |
|
| List a user's credential metadata (id, type, label, created date). No secret values. |
|
| List a user's active sessions (start/last-access times, IP, clients used). |
|
| Find users by a custom attribute key/value (exact match). Paginated. |
|
Read — Clients
Tool | Description | Arguments |
| List clients (id, clientId, name, enabled, protocol, public flag). Filter by clientId; paginated. |
|
| Get one client by clientId (protocol, flow settings, redirect URIs, web origins). No secret. |
|
| Retrieve a confidential client's current secret. Sensitive — non-public clients only. |
|
Read — Groups
Tool | Description | Arguments |
| List groups as a tree (id, name, path, nested subGroups). Search + paginate top-level groups. |
|
| List members of a group (by path or name): id, username, email, enabled. |
|
Read — Roles
Tool | Description | Arguments |
| List realm-level roles (id, name, description, composite flag). Search + paginate. |
|
| List roles defined by a specific client (by clientId). |
|
| List users that have a given realm role assigned. |
|
Read — Realms
Tool | Description | Arguments |
| List realms visible to the admin service account (id, realm, enabled). Needs realm-view. | (none) |
| Get a realm's key settings: enabled, login flags, token/session lifespans, SMTP-configured. |
|
Write — Realms
Tool | Description | Arguments |
| Enable or disable a realm. Disabling blocks all logins to it immediately. |
|
Write — Users
Tool | Description | Arguments |
| Create a user; returns the new id. Optional permanent initial password. Fails if username exists. |
|
| Update profile fields of an existing user. Only supplied fields change; needs ≥1 field. |
|
| Enable or disable an account. Disabling blocks login immediately. |
|
| Permanently delete a user. Irreversible — prefer |
|
| Set a new password. |
|
| Email the user required actions (e.g. |
|
| Revoke all of a user's active sessions, forcing re-authentication everywhere. |
|
| Start an impersonation session via the admin account. Sensitive — returns session/redirect data. |
|
Write — Role mappings
Tool | Description | Arguments |
| Assign a realm role to a user. Idempotent. |
|
| Remove a realm role from a user. Idempotent. |
|
| Assign a client-level role to a user. Idempotent. |
|
| Remove a client-level role from a user. Idempotent. |
|
Write — Roles
Tool | Description | Arguments |
| Create a realm-level role. Fails if the name already exists. |
|
| Delete a realm role by name. Irreversible — unmaps it from every user and group. |
|
Write — Groups
Tool | Description | Arguments |
| Add a user to a group (by path or name). Idempotent. |
|
| Remove a user from a group (by path or name). Idempotent. |
|
| Create a top-level group, or a nested child when a |
|
| Delete a group (by path or name), including its subgroups. Irreversible. |
|
Write — Clients
Tool | Description | Arguments |
| Register a new client. Defaults to confidential standard-flow; toggle public / service-account. |
|
| Rotate a confidential client's secret and return the new value. Sensitive; old secret dies. |
|
Usage tips
Once integrated, you can prompt Claude in natural language, for example:
“List the first 10 users in the
financement-realmrealm whose name containsdupont.”“Show details for user
jdoeinfinancement-realm, including their groups and realm roles.”“Disable the account
olduserinfinancement-realm.”“Assign the
offline_accessrealm role tojdoeinfinancement-realm.”“Set
jdoe's email tojdoe@example.comand mark it verified.”“Send
jdoea VERIFY_EMAIL and UPDATE_PASSWORD action email.”“Log
jdoeout of all sessions infinancement-realm.”“Create a
billing-adminrealm role and assign it tojdoe.”“Rotate the client secret for
my-backendinfinancement-realm.”“Find all users in
financement-realmwith attributedepartment = finance.”
Claude will pick the matching tool and fill in the arguments.
⚠️ Destructive tools have no confirmation step.
delete-user,delete-group,delete-realm-role,logout-user,set-realm-enabled(false)andregenerate-client-secrettake effect immediately and cannot be undone.
Troubleshooting
Symptom | Likely cause / fix |
Server won't connect in | Check absolute paths; run |
| Wrong |
Tool returns "not found" | Verify |
| Client is public (no secret) — only confidential clients have one. |
| The target realm has no SMTP server configured. |
| Service account lacks |
Missing users/clients in list | Service account lacks |
Changes not visible in Claude Desktop | Fully restart the app after editing the config. |
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/ZakariaDani/keycloak-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server