miniOrange Magento User Sync Integration with Keycloak

Overview

Keycloak User Sync is an easy-to-use plugin for Magento to facilitate the synchronization of user data between Keycloak, an identity management platform, and Magento. This plugin uses the Keycloak Rest API to fetch all the user's profiles from Keycloak to the Magento database. Seamless support for advanced sync features like bi-directional user sync, automatic user creation & deletion, group mapping, and many more. It provides a simple and secure way to keep user information in sync, allowing administrators to provision users and manage user data with manual, on-demand, or scheduler-based provisioning.

Installation Steps

Configuration Steps

1. Configure Keycloak

• Go to your Keycloak console and select your realm and click on Users. Ensure that your Realm does not have a space present in the name.

• Go to Users and click on the Add user button to create new user.

• On creating a new user enter the required details and click on Create.

• After a user is created go to Credentials tab and click on the Set password button to set a password for the user.

• Enter the user password and click on Save.

• Once the user password is set, go to the Role Mapping tab and assign the user a role of ‘manage-users’ under the ‘realm-management’ client roles.

• Filter the roles by Filter by clients and search by user, select the realm-management, manage-users role and click on the Assign button.

Step 2: Create a Client

• To create a client click on the Clients section on the left panel and click on the Create Client button.

• To create the client, enter the required details and click on the Next button.

• In the next step, select only the Direct access grant type and click on the Save button.

• All the configurations are completed on the Keycloak side. Let’s go to our Magento Keycloak sync plugin and complete the plugin configuration.

Step 3: Configure Keycloak User Sync Plugin

• Go to the Configure Keycloak tab and enter the Keycloak Domain, Client ID and your Realm name from the Keycloak application that you created above.
• To copy the Keycloak domain, go to your Keycloak console and copy the domain.

• To copy the Client ID hover to your Keycloak settings and copy the client ID from there as shown below.

• To copy the Realm name go to your Keycloak panel and copy the realm name.

• Enter the Username of any user (with the 'manage-users' permission) from your Keycloak application. This will be used for test configuration.

• Enter the copied Keycloak Server URL in the Keycloak Server URL field present on the Sync Configuration tab.
• Copy the Client ID and paste it in the Client ID field in the Sync Configuration tab.
• Then paste it in the Realm field in the Sync Configuration tab.
• Enter the Test username here and then click on the Save Configuration button.

• Under the Manual/ On demand Provisioning Section, you can enter the Username of the user you created with the permission of ‘manage-users’.

• Under the Automatic Provisioning section, you can automate provisioning whenever a user is created, deleted and updated. You can also enable automatic sync of Magento user password.

• Congratulations, you have successfully verfied the User's Email address during registartion.

You have successfully configured Keycloak User Sync with Magento. If you are looking for anything which you cannot find, please drop us an email on magentosupport@xecurify.com.

Related Articles

• What is SCIM User Provisioning?
• SCIM (User Provisioning) with Okta
• SCIM (User Provisioning) with OneLogin