Setup of the SafeNet Agent for Keycloak

The Installation script deploys all the binaries and theme resources required for Keycloak to work with SAS (built using Keycloak SPIs). After the successful deployment, the script restarts the Keycloak server.

Install SafeNet Keycloak Agent

1. Run the Safenet_Keycloak_Agent_Setup script from the extracted folder.

   • For Windows: Execute the script Safenet_Keycloak_Agent_Setup.bat.
   • For Linux: Execute the shell script ./Safenet_Keycloak_Agent_Setup.sh.

   Note

   For Linux, add the execution permission to all the scripts files, using the command find “<path-of-keycloak-agent-directory>” -type f -iname "*.sh" -exec chmod +x {} \;

2. Enter the path of the Keycloak server directory in the command line and press Enter.

   

   Note

   Refer to Terminologies or Prerequisites as a reference for the path.

3. Enter 1 to install the SafeNet Keycloak Agent.

   

4. Enter Y to stop the server.

   

5. Post installation, the Keycloak server reloads and installation success message is displayed.

   

6. Press any key to close the window.

   Note

   • The agent reloads the server if it is already in the running state.

   • If the server is in shutdown state, then the agent script only applies the customization.

   • The Keycloak SAS Providers (Keycloak SPIs) is visible when the server boots up.

   

   To reach this section, log in as Keycloak administrator. Click the Admin profile in the top-right corner, then click Server Info.

   

SafeNet Agent version for Keycloak

If the version_info file is not present in the bin folder, it means the initial GA version is installed on your system. You need to upgrade it.

View version for Linux-based systems

1. Go to the location of Keycloak bin folder:

{keycloakDirectory}\keycloak-22.0.5\bin

1. Run the version_info.sh batch file.

   The screen displays the current installed version number as shown below.

   

View version for Windows-based systems

1. Go to the location of Keycloak bin folder: {keycloakDirectory}\keycloak-22.0.5\bin

2. Run the version_info.bat batch file.

3. The screen displays the current installed version number as shown below.

   

SafeNet Keycloak Agent package version

To view the version of the downloaded agent, run the version_info file located in the package.

Upgrade the SafeNet Agent for Keycloak

To upgrade the SafeNet Agent for Keycloak, the installation steps need to be followed.

This SafeNet Agent release is compatible with the Quarkus distribution of Keycloak version 22.0.5 as there have been some updates in the framework, folder structure, and configuration.

For using the Keycloak Agent as per your Keycloak server, consider the following table:

For all newly created realms, the Authentication Flows do not need to change. After the 1.0.1 release, ensure the below settings are in place, for all existing realms.

1. Go to the Authentication tab, and search for SafeNet.

   The four SafeNet Authentication Flows appears in the search list.

   

2. Select the required flow and ensure the requirement(s) the requirements are set to Alternative while the sub-requirements under SafeNet Flows are set to Required.

   

   If Keycloak is set up as a Windows service, then the service must be stopped before upgrading the SafeNet Keycloak Agent.

Uninstall SafeNet Agent for Keycloak

Follow step 1 and 2 from the install SafeNet Agent for Keycloak section.

1. Enter 2 to uninstall the SafeNet Keycloak Agent.

   

2. The agent is uninstalled successfully.

   The client URLs configured with SafeNet Keycloak Agent wont't work anymore. Also, the Authentication bindings, SafeNet LDAP OTP Flow, SafeNet OTP Flow, SafeNet LDAP UserIdProvided Flow, and SafeNet OTP LDAP Flow won't work.

   

3. Press any key to close the window.