A quick guide to using Spring Cloud Gateway with Keycloak

Arvind Pareek
Keycloak is an open-source identity and access management solution that provides user federation, strong authentication, user management, fine-grained authorization, and more. In this blog, we will look at how to integrate Keycloak with Spring Cloud Gateway using OpenID Connect (OIDC).
Setup Keycloak
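Use the Keycloak Docker image and map it to a specific port. A sample docker-compose.yml section is given below.
version: '1.0'
services:
  Keycloak:
    # Docker repository names must be lowercase
    image: quay.io/keycloak/keycloak:20.0.01
    # The Quarkus-based image needs an explicit start command; start-dev is for local development only
    command: start-dev
    ports:
      - 9040:9040
    environment:
      # Keycloak listens on 8080 by default; make it match the published port
      - KC_HTTP_PORT=9040
      # The quay.io image reads the initial admin account from these two variables
      - KEYCLOAK_ADMIN=*****
      - KEYCLOAK_ADMIN_PASSWORD=*****
Bring up Keycloak and go to the admin page at http://localhost:9040/admin. Log in with the admin username and password. These will be the same as the ones set with the environment variables KEYCLOAK_ADMIN and KEYCLOAK_ADMIN_PASSWORD. Proceed to the configuration of the realm, client and user as outlined here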
Create an Application with Spring Cloud Gateway
Go to https://start.spring.io and create a project with the Gateway and OAuth2 Client dependencies. Create a simple REST controller as below:
This will return the ID of the Keycloak user from the principal object, which is created by Spring Security.
The following security configuration should be in place to protect the endpoint:
Each request is authenticated. If the user is not logged in, they are redirected to the Keycloak login screen.
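The controller and the security rule described above, as an added example that is not the original post's code. The package, class names, the `/` mapping, the registration id `keycloak` and the realm placeholder are assumptions; Spring Cloud Gateway runs on WebFlux, so the reactive security API is used.

```java
// Added example, not the original post's code. Names marked "assumed" are illustrative.
package com.example.gateway; // assumed package

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.security.web.server.SecurityWebFilterChain;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
import reactor.core.publisher.Mono;

// Matching client settings live in application.yml under the standard Spring Boot keys
// (registration id "keycloak" and <realm> are assumptions):
//   spring.security.oauth2.client.registration.keycloak.client-id / client-secret
//   spring.security.oauth2.client.registration.keycloak.scope: openid
//   spring.security.oauth2.client.provider.keycloak.issuer-uri:
//       http://localhost:9040/realms/<realm>
// Supply the client secret from the environment rather than committing it.

@Configuration
@EnableWebFluxSecurity
class SecurityConfig { // assumed class name

    @Bean
    SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
        http
            // No anonymous access: every exchange must carry an authenticated session.
            .authorizeExchange(exchanges -> exchanges.anyExchange().authenticated())
            // Unauthenticated browsers are redirected to the OIDC provider (Keycloak) to log in.
            .oauth2Login(Customizer.withDefaults());
        return http.build();
    }
}

@RestController
class UserController { // assumed class name

    // With the "openid" scope the principal is an OidcUser built from the ID token;
    // its subject ("sub" claim) is the Keycloak user ID.
    @GetMapping("/")
    Mono<String> userId(@AuthenticationPrincipal OidcUser user) {
        return Mono.just(user.getSubject());
    }
}
```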
Application Properties:
The application.yml file should be similar to the below:
Set the client ID and client secret based on what was configured in Keycloak.
With all the above changes in place, start the application. Going to http://localhost:8080 will redirect the browser to the Keycloak login page, where the user can log in with a username and password.