MCP.so
Sign In
Servers

Advanced Keycloak Mcp Server

@Octodet

Advanced Keycloak Mcp Server with many tools

Overview

What is Advanced Keycloak Mcp Server?

A Model Context Protocol (MCP) server that provides a comprehensive set of tools for Keycloak administration, covering user, realm, and role management. It is intended for developers and administrators who need to automate Keycloak tasks via MCP-compatible clients.

How to use Advanced Keycloak Mcp Server?

The README does not describe installation, configuration, or invocation steps. Once set up, the server exposes tools such as create-user, delete-user, list-users, list-realms, list-roles, and update-user-roles, which accept JSON parameters as shown in the documentation.

Key features of Advanced Keycloak Mcp Server

  • Create users in specified realms with credentials and attributes.
  • Delete users permanently from a realm.
  • List all users in a realm with basic information.
  • Display all available realms in the Keycloak instance.
  • List all roles for a specific client within a realm.
  • Add or remove client roles for a user in a single operation.

Use cases of Advanced Keycloak Mcp Server

  • Automate user provisioning and deprovisioning across multiple realms.
  • Manage role-based access control for applications by assigning/removing client roles.
  • Audit and explore Keycloak realms, users, and role assignments via MCP tools.
  • Integrate identity management workflows into AI assistants or automation pipelines.

FAQ from Advanced Keycloak Mcp Server

What tools does the server provide?

The server provides six tools: create-user, delete-user, list-users, list-realms, list-roles, and update-user-roles, each for specific Keycloak administrative tasks.

What parameters are required for create-user?

realm, username, email, firstName, and lastName are required. Optional parameters include enabled, emailVerified, and credentials (an array of credential objects with type, value, and temporary).

Can roles be added and removed in one call?

Yes. The update-user-roles tool accepts both rolesToAdd and rolesToRemove arrays in a single operation. At least one of the two must be provided.

Is the delete-user operation reversible?

No. Deleting a user is permanent and irreversible. The README explicitly warns to ensure the correct userId before execution.

Does the server require any specific transport or authentication setup?

The README does not specify transport, authentication, or runtime dependencies. It assumes a Keycloak instance is accessible and configured for the server.

Tags

More from Other