new KeycloakAdapter(options, authData)
Parse Server Configuration
To configure Parse Server for Keycloak authentication, use the following structure:
{
"auth": {
"keycloak": {
"config": require('./auth/keycloak.json')
}
}
}
Ensure the keycloak.json configuration file is generated from Keycloak's setup guide and includes:
auth-server-url: The Keycloak authentication server URL.realm: The Keycloak realm name.client-id: The Keycloak client ID.
Auth Data
The adapter requires the following authData fields:
access_token: The Keycloak access token retrieved during client authentication.id: The user ID retrieved from Keycloak during client authentication.roles(optional): The roles assigned to the user in Keycloak.groups(optional): The groups assigned to the user in Keycloak.
Auth Payload Example
Example Auth Data
{
"keycloak": {
"access_token": "an authorized Keycloak access token for the user",
"id": "user's Keycloak ID as a string",
"roles": ["admin", "user"],
"groups": ["group1", "group2"]
}
}
Notes
- Parse Server validates the provided
authDataby making auserinfocall to Keycloak and ensures the attributes match those returned by Keycloak.
Keycloak Configuration
To configure Keycloak, copy the JSON configuration file generated from Keycloak's setup guide:
Place the configuration file on your server, for example:
auth/keycloak.json
For more information on Keycloak authentication, see:
| Name | Type | Description | ||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
options | Object | The adapter configuration options. Properties
| ||||||||||||||||||||
authData | Object | The authentication data provided by the client. Properties
|