Back to Top

Guide for Magento 2 Keycloak (SSO)Login

Updated 22 May 2024

Magento 2 Keycloak (SSO) Login allows the users to log in to the Magento 2 store in a single click with their Keycloak account. It enables the Magento 2 store admin to allow its users to enter the credentials only one time.

The module gives the Magento 2 website users ease to sign in with their keycloak account.

Keycloak- Keycloak is an open-source software solution that enables single sign-on with Identity and Access Management for modern applications and services.

Moreover, It offers multiple features such as;  Single-Sign-On (SSO), Identity Brokering and Social Login, User Federation, Client Adapters, an Admin Console, and an Account Management Console.

Check the overview of the plugin in the video mentioned-below –

Searching for an experienced
Magento 2 Company ?
Find out More

Features- Magento 2 Keycloak (SSO) Login

  • The customers can log in with their Keycloak with a single click.
  • The customers have to enter their keycloak credentials only one time at the time of login.
  • The customer can create their Magento 2 account with a single click.
  • The users need to enter their username and password of the Keycloak account only one time.
  • Implemented Keyloak session removal on customer logout.

Install an Extension from Webkul Store

#1 Download Module

Firstly, you need to log in to Webkul Store, go to My Account>My Purchased Products section, verify and then download and extract the contents of this zip folder on the system.

#2 Upload Folder

Once the module zip is extracted, follow path src>app and then copy the app folder into the Adobe Commerce Cloud root directory on the server as shown below:

Installation Of Show Price After Login for Magento2

#3 Run Commands

After uploading the module folder, you need to run the following commands in the Magento 2 root directory:

You need to run the following commands:

php bin/magento setup:upgrade
php bin/magento setup:di:compile
php bin/magento setup:static-content:deploy
php bin/magento indexer:reindex
php bin/magento cache:flush

The list of steps to install Keycloak for Ubuntu is provided below.

To install and configure KeyCloak on Ubuntu, follow these steps:

First, update the system.

apt-get update

Install Java in step two.

apt-get install default-jdk
  • Check the Java version.
java -version

Download and install KeyCloak in step 3.

cd /opt/
  • Extract the folder that you downloaded.
tar -xvf keycloak-15.0.2.tar.gz
  • Change the name
mv keycloak-15.0.2 keycloak
  • Create a user and group.
groupadd keycloak
useradd -r -g keycloak -d /opt/keycloak -s /sbin/nologin keycloak
  • Give ownership permission
chown -R keycloak: keycloak
chmod o+x /opt/keycloak/bin/

Configure the KeyCloak in step 4.

cd /etc/
mkdir keycloak
  • Copy the configuration files listed below.
cp /opt/keycloak/docs/contrib/scripts/systemd/wildfly.conf /etc/keycloak/keycloak.conf
cp /opt/keycloak/docs/contrib/scripts/systemd/ /opt/keycloak/bin/
  • Provide the ownership permission.
chown keycloak: /opt/keycloak/bin/
  • Open the configuration file.
vim /opt/keycloak/bin/
  • Edit the following line:
  • Save the file.

Create a Systemd Service File in step 5.

  • Copy the file.
cp /opt/keycloak/docs/contrib/scripts/systemd/wildfly.service /etc/systemd/system/keycloak.service
  • Open the keycloak.service file.
vim /etc/systemd/system/keycloak.service
  • Update and edit the following lines
Description=The Keycloak Server
  • Reload, enable, and launch the keycloak service.
systemctl daemon-reload
systemctl enable keycloak
systemctl start keycloak
  • Check the status of Keycloak.
systemctl status keycloak
  • Examine the Keycloak server log.
tail -f /opt/keycloak/standalone/log/server.log

Create an admin user for Keycloak in step 6.

/opt/keycloak/bin/ -u admin
  • Set the password.
  • Restart the Keycloak service.
systemctl restart keycloak
  • To disable the HTTPS for Keycloak.
/opt/keycloak/bin/ config credentials --server http://localhost:8080/auth --realm master --user admin
  • The admin password must be given.
  • Run the next command to disable HTTPS.
/opt/keycloak/bin/ update realms/master -s sslRequired=NONE

Open the KeyCloak web interface in step 7.

  • Launch the Login web interface.
  • Give your username and password.
  • Simply click Sign In.
  • Keycloak is now ready.

Keycloak Account Settings – Magento 2 Keycloak (SSO) Login

The user has to enter a username or email and password for keycloak registration.


A successful login to the Keycloak take us to the Keylock console and open the Master realm by default, We’ll concentrate on making a custom realm here. 


To add a client, navigate to the Clients area of your Keycloak admin console and click on Create button to add the client.


Furthermore, the below settings need to be done.

Add Client

Import- Select the file which you want to import.

Client ID- The client ID is required to enter here.

Client Protocol- After that, select the client protocol from the dropdown list.

Root URL- Enter the root URL of the Magento 2 homepage here.

Now, click on the Save button to add a client.


Add Users

Here, we add users to the keycloak to add a new user, navigate to the Users page and select the Add user button on the far right of the screen.


Fill out the form by entering your email address, first and last name, and then click the Save button as shown in the image below.

Magento-- Keycloak-(SSO)-Login-5

Note: We have a CORS issue when keycloak and Magento 2 are on different servers. To resolve this issue, the user has to enter the client URLs or Asterisk(*) in the Valid Redirect URL settings and Web Origin settings in the keycloak client settings.

Magento-2 -Keycloak-(SSO)-Login-admin-console

Admin Configurations-Magento 2 Keycloak (SSO) Login

To configure keycloak module, the admin has to navigate through Stores>Configurations>Keycloak Connector>Keycloak Configuration as shown in the image.

keycloak connector configuration

Here, the admin will make the following settings:

Enable Keycloak- Enable the status of the module by selecting Yes.

Realm-Now, enter the Realm name here.

SSL Required-  Ensures that all communication to and from the Keycloak server is over HTTPS.

Auth Server URL- The admin will enter the Auth Server URL same as Keycloak account.

Public Client- If set to Yes, the adapter will not send credentials for the client to Keycloak.

Confidential Port- The confidential port used by the Keycloak server for safe SSL/TLS connections.

URL- Here, the store admin will enter the URL of the keycloak.

Client ID- The admin will enter the client ID which is created in the Keycloak account.

Customer End Workflow- Magento 2 Keycloak (SSO) Login

The customers can sign in with their Keycloak account to the Magento 2 store with the button present right below the Sign In button as shown in the screenshots. This is the Keycloak SSO feature.


Also, you can check the Magento 2 Azure AD SSO login extension that allows the users to log into the Magento 2 store using their Azure AD credentials.

This will redirect to the Keycloak and here the customer needs to enter their Keycloak credentials and they will sign in to the Magento 2 store.


If you already have a keycloak account and are logged in, you will be instantly signed in to Magento 2 store with the email address you used to sign up for keycloak.


That is all about the Magento 2 Keycloak(SSO) Login. If you have any queries regarding the plugin, please contact us at Webkul Support System.

You can also check our complete Magento 2 extensions.

Current Product Version - 5.0.1

Supported Framework Version - Magento 2.0.x, 2.1.x, 2.2.x,2.3.x, 2.4.x

Blog Version - Magento 2.0.x, 2.1.x, 2.2.x,2.3.x, 2.4.x
  • Version Magento 2.4.7 and PHP 8.3
  • Version 2.4.x
. . .

Leave a Comment

Your email address will not be published. Required fields are marked*

Be the first to comment.

Back to Top

Message Sent!

If you have more details or questions, you can reply to the received confirmation email.

Back to Home

Table of Content