Please Note:

You are not viewing the most recent version of this page. 3.20(SP1) is the latest version available.

Setup of the SafeNet Agent for Keycloak

The Installation script deploys all the binaries and theme resources required for the Keycloak to work with SAS (built using Keycloak SPIs). After the successful deployment, the script restarts the Keycloak server.

Installation of SafeNet Keycloak Agent

Run the Safenet_Keycloak_Agent_Setup script from the extracted folder.
- For Windows: Execute the script Safenet_Keycloak_Agent_Setup.bat.
- For Linux: Execute the shell script ./Safenet_Keycloak_Agent_Setup.sh.
Note
For Linux, add the execution permission to all the scripts files, using the command find “<path-of-keycloak-agent-directory>” -type f -iname "*.sh" -exec chmod +x {} \;
Enter the path of the Keycloak server directory in the command line and press Enter.

Note
Refer to Terminologies or Prerequisites as a reference for the path.
Enter 1 to install the SafeNet Keycloak Agent.
Enter Y to stop the server.
Post installation, the Keycloak server reloads and installation success message is displayed.
Press any key to close the window.
Note
- The agent reloads the server if it is already in the running state.
- If the server is in shutdown state, then the agent script only applies the customization.
- The Keycloak SAS Providers (Keycloak SPIs) is visible when the server boots up.
To reach this section, login as Keycloak adminstrator. Click on Admin profile on top right corner, then click on Server Info.

SafeNet Agent version for Keycloak

Note

If the version_info file is not present in the bin folder. It means the initial GA version is installed on your system, kindly upgrade it.

View version for Linux based system

Go to the location of Keycloak bin folder: {keycloakDirectory}\keycloak-19.0.3\bin.
Run the version_info.sh batch file.
The screen displays the current installed version number as shown below.

View version for Windows based system

Go to the location of Keycloak bin folder: {keycloakDirectory}\keycloak-19.0.3\bin.
Run the version_info.bat batch file.
The screen displays the current installed version number as shown below.

SafeNet Keycloak Agent package version

To view version of downloaded agent, run version_info file located in the package.

alt_text

Upgrade the SafeNet Agent for Keycloak

To upgrade the SafeNet Agent for Keycloak, the installation steps need to be followed.

Note

This SafeNet Agent release is compatible with Quarkus distribution of Keycloak version 19.0.3 as there have been some updates in framework, folder structure and configuration.

For using the Keycloak Agent as per your Keycloak server, consider the following table:

Keycloak Server	Keycloak Agent
Version 19.0.3 (Quarkus Distribution)	1.3.0
Version 15.0.2 (WildFly Distribution)	1.2.0

Note

For all newly created realms, the Authentication Flows do not need to change. After the 1.0.1 release, ensure the below settings are in place, for all existing realms.

Go to Authentication tab, then validate the three Authentication Flows that appear in the top left selected list.
Ensure the requirement(s) in the execution are placed as shown above. All requirements are set to Alternative while the sub-requirements under SafeNet Flows are set to Required.

Caution
If Keycloak is setup as windows service, then the service must be stopped before upgrading the SafeNet Keycloak Agent.

To unistall the SafeNet Agent for Keycloak

Note

Follow step 1 and 2 from install the SafeNet Agent for Keycloak section.

Enter 2 to uninstall the SafeNet Keycloak Agent.
The agent is uninstalled successfully.
Client URLs configured with SafeNet Keycloak Agent wont't work anymore.
Authentication bindings SafeNet LDAP OTP Flow, SafeNet OTP Flow and SafeNet LDAP UserIdProvided Flow won't work anymore.
Press any key to close the window.