Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CT-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Crypto Command Center
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Windows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

Keycloak with SAS PCE

Install Safenet Agent for Keycloak

search
print

Install Safenet Agent for Keycloak

This section describes the steps to install and update the SafeNet Keycloak Agent for Keycloak server.

copy link to clipboardInstall SafenetKeycloakAgentPackage

To install the the Keycloak Agent package on Keycloak server:

  1. Extract the package to the installation directory of Keycloak server.

    For example, If the Keycloak is running from C:\(example, C:\keycloak-15.0.1\bin>.\standalone.bat) then the extracted Keycloak Agent package is placed under same location C:\(example,C:\610-000710-003_SafeNetKeycloakAgentPackage_Rev_A\).

  2. Navigate to the extracted Keycloak Agent package, and run the Safenet_Keycloak_Agent_Setup script.

  3. Enter the path of the Keycloak server directory in the command line and press Enter as displayed below:

    Install Agent

  4. After successful installation, the following output is displayed:

    Successful Installation

    It reloads the server and a new SAS provider is visible under Server Info in Admin section:

    Admin

    Server Info

  5. Once installed, the following components are required on the Keycloak Authorization server:

    • A Realm
    • An OAuth 2 client
    • Valid Client scope applied to the client
    • User Federation - so that Keycloak server knows where to look for users’ authentication

copy link to clipboardVerify SafeNetKeycloakAgent Installation

Installation of SafeNetKeycloakAgent adds three new authentication flows. Perform the following steps to verify if the SafeNetKeycloakAgent is properly installed:

  1. Go to the previously created realm, Select Authentication from the left pane.

  2. In the right pane, click Flows.

    Authentication Flows

  3. Check the drop-down list under Flows tab, this should list the following options:

    • Safenet OTP Flow
    • SafeNet OTP UserIdProvided Flow
    • SafeNet LDAP OTP Flow

On this page