Automatic User Provisioning and Sync between Joomla and Keycloak
User Sync from Keycloak to Joomla can be achieved by using
our Keycloak User Sync plugin. This plugin uses the Keycloak
Rest API to fetch all the user's profiles from Keycloak to the Joomla
database. Seamless support for advanced sync features like Bi-directional user
sync, automatic user creation & deletion, group mapping and many more from
Keycloak to Joomla and Joomla to Keycloak. It provides a simple and secure way
to keep user information in sync, allowing administrators to easily provision
users and manage user data with manual, on-demand or scheduler-based
Download the zip file for the
miniOrange Joomla Keycloak User Sync plugin from the link
Login into your Joomla site’s administrator console.
From the Menu, click on System, then under
Install section click on Extension.
Upload the downloaded zip file to install the
Keycloak User Sync for Joomla plugin.
Installation of the plugin is successful. Now click on
Start using miniOrange Keycloak User sync plugin.
2. Configure Keycloak
Go to your Keycloak console and select your realm and click
on Users. Ensure that your Realm does not have a space
present in the name.
Go to Users and click on the
Create new user button to create a user.
On creating a new user enter the required details and click on
After a user is created go to Credentials tab and click on
the Set password button to set a password for the user.
Enter the user password and click on Save.
Note: Disabling Temporary will make user password permanent.
Once the user password is set, go to the Role Mapping tab
and assign the user a role of ‘manage-users’ under the
‘realm-management’ client roles.
Filter the roles by Filter by clients and search by
user, select the realm-management,
manage-users role and click on the
3. Create a Client
To create a client click on the Clients section on the left
panel and click on the Create Client button.
To create the client, enter the required details and click on the
Note: The Client ID should not have any spaces between.
In the next step, select only the Direct access grant type
and click on the Save button.
All the configurations are completed on the Keycloak side. Let’s go to our
Joomla Keycloak sync plugin and complete the plugin configuration.
4. Configure Keycloak User Sync Plugin
Go to the Configure Keycloak tab and enter the Keycloak Domain, Client ID
and your Realm name from the Keycloak application that you created above.
To copy the Keycloak domain, go to your
Keycloak console and copy the domain.
Enter the copied Keycloak domain name in the
Keycloak Domain field present on the Configure Keycloak
To copy the Client ID hover to your Keycloak settings and copy the client ID
from there as shown below.
Copy the Client ID and paste it in the Client ID field in the Configure
To copy the Realm name go to your Keycloak panel and copy the realm name.
Then paste it in the Realm field in the Configure Keycloak tab.
Enter the Username and the password of the user you created with the
permission of ‘manage-users’ and click on the
Save Configuration button.
Congratulations, you have successfully verfied the
User's Email address during registartion.
5. Test Configuration
To test if the connection is successful or not, click on the
Test Connection button present in the
6. Sync Users from Joomla to Keycloak
The plugin provides an option to sync your users from Joomla to Keycloak. In
this section, you can manually sync a Joomla user to keycloak, manually
delete a user in keycloak, automatically create a user in Keycloak once a
user is created in Joomla and automatically delete a user in Keycloak once a
user is deleted in Joomla.
1. Manually create an Individual User in Keycloak:
Select the Joomla user you want to create in Keycloak from the dropdown.
After selecting the user, click on the Create User button.
You will get a message stating that the user is successfully created in
Go to your Keycloak realm and go to users. You will see that the user is
2. Manually delete a user in Keycloak:
This provides an option to select a user from the available Keycloak users
and delete a user in Keycloak. Select the Keycloak user you wish to delete
and click on the Delete User button.
Once the user is successfully deleted you will get a message that the user
is successfully deleted from Keycloak.
To verify if the user is deleted or not, go to your Keycloak realm and
users. You can notice here that there is no user called testest.
3. Automatic Provisioning of Users:
Enable Automatic User creation: If this option is
enabled, any user that is created on your Joomla site, will be created in
Enable Automatic User Deletion: If this option is
enabled, any user that is deleted from your Joomla site, will
automatically be deleted from Keycloak.
7. Sync Users from Keycloak to Joomla
User Attribute Mapping: To create/sync users from Keycloak
to Joomla, we will have to map their username and Emails. To map the
Username and Email attributes, you can select the attribute name from
Keycloak which maps to the user’s username and email respectively. You can
refer to the test configuration window to map the attributes. Click on the
Save Configuration button to save the User Attributes Mapping.
User Synchronization from Keycloak to Joomla: This allows
the user to create/sync a user from Keycloak to Joomla. You can select the
Keycloak user from the dropdown which needs to be created/synced in Joomla.
If the user is already present in Joomla, the user attributes will be
synced. Else if the user is not present in Joomla, a new Joomla user will be
created based on the Keycloak User Attributes.
Once the user is successfully created on Joomla you will get the following
The user is successfully created in Joomla.
If you were unable to find your user in the dropdown, you can click on the
Retrieve all Users button to retrieve all your Keycloak users.
Sync All Users: This option allows all the users present in
your Keycloak AD to be created/synced in Joomla. If a user is already
present in Joomla, their user attributes will be synced, else a new user in
Joomla will be created.
Click on the Sync All Users button to sync all your Keycloak Users in
You can see all the Keycloak users are created in Joomla.
If you dont hear from us within 24 hours, please feel free to send a follow up email to firstname.lastname@example.org
This privacy statement applies to miniorange websites describing how we handle the personal
When you visit any website, it may store or retrieve the information on your browser, mostly in the
form of the cookies. This information might be about you, your preferences or your device and is
mostly used to make the site work as you expect it to. The information does not directly identify
you, but it can give you a more personalized web experience.
Click on the category headings to check how we handle the cookies.
Strictly Necessary Cookies
Necessary cookies help make a website fully usable by enabling the basic functions like site
navigation, logging in, filling forms, etc. The cookies used for the functionality do not store any
personal identifiable information. However, some parts of the website will not work properly without
These cookies only collect aggregated information about the traffic of the website including -
visitors, sources, page clicks and views, etc. This allows us to know more about our most and least
popular pages along with users' interaction on the actionable elements and hence letting us improve
the performance of our website as well as our services.