Opstella Keycloak Initial Configurations

You need to perform the following to initialise the integration to Opstella and put your customization for your Opstella instance must be done here.

Sign In to Keycloak Administration Panel

1. Go to idp.${BASE_DOMAIN}
2. Sign-in to Keycloak with Initial Admin Local Account (Usually admin), go to master Keycloak Realm (Default First Keycloak Realm)

Setup Dedicated Keycloak Realm

Be sure to do it on master Keycloak Realm and create a dedicated Keycloak Realm for Opstella

You will be setup dedicated Keycloak Realm followed to what you have define the name for it.

```sh frame=none Ensure KEYCLOAK_REALM is defined as per the Shell Variables guide.

1. Go to Realm List (Top Left) > Create realm

   

   Give the pre-defined Keycloak Realm name in Realm name

   For example - Foobar Company: Keycloak Realm name will be foobar-opstella

   

   Click Create and you should be greeted with the newly created Keycloak Realm

   

   Before you go

   Keep looking at the top left of the Keycloak Admin Panel, the Realm List.

   💡 Be sure to selected the newly created dedicated Keycloak Realm. foobar-opstella

2. Go to Realm settings > General tab

   2.1 Configure the following:

   • Display name: Opstella - <CHANGEME>
   • HTML Display name: <div class="kc-logo-text"><span>Opstella - <CHANGEME></span></div>

   Note

   <CHANGEME> to foobar (Company/Organisation Name)

   

   2.2 Click Save

3. Go to Realm settings > Themes

   • Login theme: Choose opstella-v5 or opstella
   • Email theme: Choose opstella-v5 or opstella

   

Setup Keycloak Groups

💡 Be sure to do it on your dedicated Keycloak Realm. foobar-opstella

Create the following Keycloak Group with the following name, which is used for some application to map the role within its application

• Group Name: fake-group ; Must Create

1. Go to Groups > Create group

   

2. Put in Group Name > Click Create

   

Setup Opstella Administrator User Account

💡 Be sure to do it on your dedicated Keycloak Realm. foobar-opstella

You will be creating a user named opstella to be a first user on the system and be an Opstella Administrator,

1. Go to Users > Add user

   

   • User: opstella
   • Email: opstella-admin@${BASE_DOMAIN}
   • First name: Opstella
   • Last name: Administrator

   

2. Click on Join Groups and choose fake-group

   

3. Click Create

4. Set the opstella user password

   After creation, it should redirect to opstella user information.

   If not, Go to Users > opstella within the users list

   

   2.1 Go to Credentials tab > Set password

   

   2.2 Type your chosen password in Password and Password confirmation

   2.3 Untick Temporary and Save

   

5. Assign Pre-defined Realm Management Role realm-admin to be Keycloak Administrator (Realm Role)

   4.1 Go to Role mapping tab > Assign role

   4.2 Change Filter to Filter by client

   4.3 Search for realm-admin of realm-management