keycloak model context protocol

Local 2025-08-31 23:28:00 0
Security And IAM @ChristophEnglisch/keycloak-model-context-protocol

A Model Context Protocol server that provides tools to manage Keycloak users and realms, allowing you to create and delete users, list available realms, and view users in specific realms.

smithery badge

A Model Context Protocol server for Keycloak administration, providing tools to manage users and realms.

Features

  • Create new users in specific realms
  • Delete users from realms
  • List available realms
  • List users in specific realms

Installation

Installing via Smithery

To install Keycloak for Claude Desktop automatically via Smithery:

npx -y @smithery/cli install keycloak-model-context-protocol --client claude

The server is available as an NPM package: 

# Direct usage with npx
npx -y keycloak-model-context-protocol

# Or global installation
npm install -g keycloak-model-context-protocol

Local Development Setup

If you want to develop or modify the server:

git clone <repository-url>
cd keycloak-model-context-protocol
npm install
npm run build

Configuration

Configure the server in your Claude Desktop configuration file:

{
  "mcpServers": {
    "keycloak": {
      "command": "npx",
      "args": ["-y", "keycloak-model-context-protocol"],
      "env": {
        "KEYCLOAK_URL": "http://localhost:8080",
        "KEYCLOAK_ADMIN": "admin",
        "KEYCLOAK_ADMIN_PASSWORD": "admin"
      }
    }
  }
}

For Local Development

{
  "mcpServers": {
    "keycloak": {
      "command": "node",
      "args": ["path/to/dist/index.js"],
      "env": {
        "KEYCLOAK_URL": "http://localhost:8080",
        "KEYCLOAK_ADMIN": "admin",
        "KEYCLOAK_ADMIN_PASSWORD": "admin"
      }
    }
  }
}

Available Tools

create-user

Creates a new user in a specified realm.

Inputs: - realm: The realm name - username: Username for the new user - email: Email address for the user - firstName: User is first name - lastName: User is last name

delete-user

Deletes a user from a specified realm.

Inputs: - realm: The realm name - userId: The ID of the user to delete

list-realms

Lists all available realms.

list-users

Lists all users in a specified realm.

Inputs: - realm: The realm name

Development

npm run watch

Testing

To test the server using MCP Inspector:

npx -y @modelcontextprotocol/inspector npx -y keycloak-model-context-protocol

Deployment

NPM Package

This project is automatically published to NPM via GitHub Actions when a new release is published on GitHub.

Setup Requirements for Deployment

  1. Create NPM account and get access token
  2. Add NPM_TOKEN secret to GitHub repository
  3. Go to repository Settings > Secrets
  4. Add new secret named NPM_TOKEN
  5. Paste your NPM access token as the value

Prerequisites

  • Node.js 18 or higher
  • Running Keycloak instance
[
  {
    "description": "Create a new user in a specific realm",
    "inputSchema": {
      "properties": {
        "email": {
          "format": "email",
          "type": "string"
        },
        "firstName": {
          "type": "string"
        },
        "lastName": {
          "type": "string"
        },
        "realm": {
          "type": "string"
        },
        "username": {
          "type": "string"
        }
      },
      "required": [
        "realm",
        "username",
        "email",
        "firstName",
        "lastName"
      ],
      "type": "object"
    },
    "name": "create-user"
  },
  {
    "description": "Delete a user from a specific realm",
    "inputSchema": {
      "properties": {
        "realm": {
          "type": "string"
        },
        "userId": {
          "type": "string"
        }
      },
      "required": [
        "realm",
        "userId"
      ],
      "type": "object"
    },
    "name": "delete-user"
  },
  {
    "description": "List all available realms",
    "inputSchema": {
      "properties": {},
      "required": [],
      "type": "object"
    },
    "name": "list-realms"
  },
  {
    "description": "List users in a specific realm",
    "inputSchema": {
      "properties": {
        "realm": {
          "type": "string"
        }
      },
      "required": [
        "realm"
      ],
      "type": "object"
    },
    "name": "list-users"
  }
]