Skip to main content

Keycloak Api Keys



  • Documentation:
  • Summary: Keycloak provides sign-in unification features, allowing users to sign in and out of all needed tools in one action.
  • IPs allowlist: This feature is not supported.
  • Scopes: Each user has their attributed key, which can cover any number of third-party services

Revoke the secret

From the admin console, one can issue 'not-before' policies, ensuring that tokens created before a given timestamp are rendered null. Specific applications, clients or users can also be disabled.

Check for suspicious activity

Logins are saved as events in the admin console (realm settings). These events can be regularly screened to detect suspicious activities (ex login at unusual hours), but there is no native way to automate the screening. Failed login attempts are also registered and can be configured to trigger an incremental lock on the targeted account, to avoid brute-force attacks.

Details for Keycloak api keys

  • Family: Api

  • Category: Identity provider

  • Company: KeyCloak

  • High recall: False

  • Validity check available: False

  • Minimum number of matches: 2

  • Occurrences found for one million commits: 13.9

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: false
- type: ContentWhitelistPreValidator
- keycloak


- text: |
+ auth-server-url:
+ bearer-only: true
+ credentials:
+ client-id: 528bed53-f405-406a-96c0-5e921c7b39fe
+ secret: 63488e67-3e19-43de-997e-833673aea340
+ realm: a-random-realm
+ resource: random-server
+ use-resource-role-mappings: true

client_id: 528bed53-f405-406a-96c0-5e921c7b39fe
apikey: 63488e67-3e19-43de-997e-833673aea340

- text: |
client_id: 2046f7b3-b878-4bc5-8f7f-57b24ce19d85
apikey: 0aa1dabc-1d8a-4c00-85c2-82bc88c42dc7

How can I help you ?