JDK 17+
Keycloak 25.0.2
Keycloak is an open source Identity and Access Management system for modern applications and services.
More info: https://github.com/keycloak/keycloak
This is an extension to Keycloak that provisions users from the Keycloak identity server to external SCIM service providers.
Use Docker or build your own jar.
# on Linux/Windows
docker run -it --rm --name keycloak-scim2-storage -p 8080:8080 -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin suvera/keycloak-scim2-storage:v0.2
# on macOS (specify platform)
docker run -it --rm --name keycloak-scim2-storage -p 8080:8080 --platform linux/amd64 -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin suvera/keycloak-scim2-storage:v0.2
Access the Keycloak server at http://localhost:8080/
User: admin, Password: admin (the values passed as KEYCLOAK_ADMIN and KEYCLOAK_ADMIN_PASSWORD in the docker command above)
# clone this repo
cd keycloak-scim2-storage
mvn clean install
# Take a backup of your Keycloak DB first; this extension adds new tables.
# Copy the jar file to the Keycloak server's providers directory
cp -f target/suvera-keycloak-scim2-outbound-provisioning-jar-with-dependencies.jar \
/path/to/keycloak-25.0.2/providers/
# build & start keycloak server
/path/to/keycloak-25.0.2/bin/kc.sh build
/path/to/keycloak-25.0.2/bin/kc.sh start-dev
Here is a tool to test the compliance level: https://github.com/suvera/scim2-compliance-test-utility
- Log in to Keycloak as "admin"
- Select "User Federation" and add SCIM 2.0 Service Provider
- Add new SCIM 2.0 User federation
- Bearer Token Authentication is also supported, though it's not shown in the screenshot.
- Now go to "Users -> Add New User"
- That's it! The user will be added to your SCIM 2.0 service provider too.
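To confirm the last step, the service provider can be asked for the user over the standard SCIM 2.0 filter query (RFC 7644) using the same bearer token configured in the federation. The following is an added example, not code from this extension; the base URL, token, and sample response are assumptions, and it presumes the service provider supports `filter` on `/Users`.

```python
import json
import urllib.parse
import urllib.request

LIST_RESPONSE = "urn:ietf:params:scim:api:messages:2.0:ListResponse"


def build_lookup_request(base_url, bearer_token, username):
    """Build GET {base}/Users?filter=userName eq "<username>" (RFC 7644)."""
    # json.dumps quotes the value and escapes " and \, so a crafted
    # username cannot break out of the filter string.
    scim_filter = "userName eq " + json.dumps(username)
    query = urllib.parse.urlencode({"filter": scim_filter},
                                   quote_via=urllib.parse.quote)
    return urllib.request.Request(
        base_url.rstrip("/") + "/Users?" + query,
        headers={"Authorization": "Bearer " + bearer_token,
                 "Accept": "application/scim+json"})


def find_user(list_response, username):
    """Return the matching resource from a SCIM ListResponse, or None."""
    if LIST_RESPONSE not in list_response.get("schemas", []):
        raise ValueError("not a SCIM ListResponse")
    for resource in list_response.get("Resources", []):
        # userName is not case-exact in the core User schema (RFC 7643).
        if resource.get("userName", "").lower() == username.lower():
            return resource
    return None


def is_provisioned(base_url, bearer_token, username, timeout=10):
    """Query the service provider and report whether the user exists there."""
    req = build_lookup_request(base_url, bearer_token, username)
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return find_user(json.load(resp), username) is not None


# Constructed sample response for a user created in Keycloak as "jdoe".
SAMPLE = {
    "schemas": [LIST_RESPONSE],
    "totalResults": 1,
    "Resources": [{"id": "constructed-id-1", "userName": "jdoe", "active": True}],
}

if __name__ == "__main__":
    print(find_user(SAMPLE, "JDoe"))
```

Call `is_provisioned(base_url, token, "jdoe")` with your service provider's SCIM base URL after adding the user in Keycloak.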