Back to Skills

keycloak-admin

verified

Keycloak administration including realm management, client configuration, OAuth 2.0 setup, user management with custom attributes, role and group management, theme deployment, and token configuration. Activate for Keycloak Admin API operations, authentication setup, and identity provider configuration.

View on GitHub

Marketplace

claude-orchestration

Lobbi-Docs/claude

Plugin

lobbi-platform-manager

platform

Repository

Lobbi-Docs/claude
1stars

plugins/lobbi-platform-manager/skills/keycloak-admin/SKILL.md

Last Verified

January 24, 2026

Install Skill

Select agents to install to:

Scope:
npx add-skill https://github.com/Lobbi-Docs/claude/blob/main/plugins/lobbi-platform-manager/skills/keycloak-admin/SKILL.md -a claude-code --skill keycloak-admin

Installation paths:

Claude
.claude/skills/keycloak-admin/
Powered by add-skill CLI

Instructions

# Keycloak Admin Skill

Comprehensive Keycloak administration for the keycloak-alpha multi-tenant MERN platform with OAuth 2.0 Authorization Code Flow.

## When to Use This Skill

Activate this skill when:
- Setting up Keycloak realms and clients
- Configuring OAuth 2.0 Authorization Code Flow
- Managing users with custom attributes (org_id)
- Deploying custom themes
- Troubleshooting authentication issues
- Configuring token lifetimes and session management

## Keycloak Admin REST API

### Authentication

Use the admin-cli client to obtain an access token:

```bash
# Get admin access token
TOKEN=$(curl -X POST "http://localhost:8080/realms/master/protocol/openid-connect/token" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "username=admin" \
  -d "password=admin" \
  -d "grant_type=password" \
  -d "client_id=admin-cli" | jq -r '.access_token')

# Use token in subsequent requests
curl -H "Authorization: Bearer $TOKEN" \
  "http://localhost:8080/admin/realms/master"
```

### Key API Endpoints

| Endpoint | Method | Purpose |
|----------|--------|---------|
| `/admin/realms` | GET | List all realms |
| `/admin/realms/{realm}` | POST | Create realm |
| `/admin/realms/{realm}/clients` | GET/POST | Manage clients |
| `/admin/realms/{realm}/users` | GET/POST | Manage users |
| `/admin/realms/{realm}/roles` | GET/POST | Manage roles |
| `/admin/realms/{realm}/groups` | GET/POST | Manage groups |

## Realm Creation and Configuration

### Create a New Realm

```bash
# Create realm with basic configuration
curl -X POST "http://localhost:8080/admin/realms" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "realm": "lobbi",
    "enabled": true,
    "displayName": "Lobbi Platform",
    "sslRequired": "external",
    "registrationAllowed": false,
    "loginWithEmailAllowed": true,
    "duplicateEmailsAllowed": false,
    "resetPasswordAllowed": true,
    "editUsernameAllowed": false,
    "bruteForceProtected": true,

Validation Details

Front Matter
Required Fields
Valid Name Format
Valid Description
Has Sections
Allowed Tools
Instruction Length:
16528 chars