
Keycloak

🔐 Seamless Keycloak Identity and Access Management for MedusaJS

Category: auth
Built by: Community
Version: 1.0.10
Last updated: 6 months ago
GitHub stars: 9

MedusaJS Keycloak Authentication

🌟 Features

  • Native Keycloak authentication integration
  • Multi-provider authentication support
  • Secure OAuth 2.0 / OpenID Connect implementation
  • Flexible configuration options
  • Role-based access control
  • Single Sign-On (SSO) capabilities

🏗️ Authentication Architecture

graph TD
A[User] -->|Login Request| B[MedusaJS]
B -->|Redirect| C[Keycloak]
C -->|Authentication| D[Identity Verification]
D -->|Token| B
B -->|Access Granted| A

📦 Installation

Install the package using npm:

npm install @vymalo/medusa-keycloak

Or using yarn:

yarn add @vymalo/medusa-keycloak

🚀 Configuration Example

modules: [
  {
    resolve: '@medusajs/medusa/auth',
    options: {
      providers: [
        // Keycloak Authentication Provider
        {
          resolve: `@vymalo/medusa-keycloak`,
          id: 'vymalo-keycloak',
          options: {
            // Keycloak Server Configuration
            url: process.env.KEYCLOAK_URL,
            realm: process.env.KEYCLOAK_REALM,
            clientId: process.env.KEYCLOAK_CLIENT_ID,
            clientSecret: process.env.KEYCLOAK_CLIENT_SECRET,
            // Optional Advanced Configuration
            scope: 'openid profile email', // default
            default_redirect_uri: process.env.KEYCLOAK_CALLBACK_URL,
          }
        },
        // ...other auth providers
      ],
    },
  }
]

🔧 Environment Variables

Required Configuration:

  • KEYCLOAK_URL: Keycloak server base URL
  • KEYCLOAK_REALM: Keycloak realm name
  • KEYCLOAK_CLIENT_ID: Application client ID
  • KEYCLOAK_CLIENT_SECRET: Client secret

Optional Configuration:

  • : Authentication scopes
  • KEYCLOAK_CALLBACK_URL: Custom callback URL

🛡️ Security Considerations

  • Use environment variables for sensitive credentials
  • Implement proper scope restrictions
  • Rotate client secrets periodically
  • Configure appropriate token lifetimes

🌐 Advanced Integration Options

Authentication Flow Customization

  • Support multiple authentication providers
  • Fallback mechanisms
  • Role-based access control
  • Custom claim mapping

Token Management

  • Access token validation
  • Refresh token handling
  • Session management
  • Single sign-on (SSO) support

📊 Supported Authentication Flows

  • Authorization Code Flow
  • Implicit Flow
  • Hybrid Flow
  • Client Credentials Flow
  • Direct Access Grants

🤝 Contributing

Contributions are welcome!

  • Improve authentication logic
  • Add new Keycloak configuration options
  • Enhance security features
  • Provide more robust error handling

🐛 Troubleshooting

  • Verify Keycloak server connectivity
  • Check client configuration
  • Validate environment variables
  • Review network and CORS settings
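
A fail-fast check for the "Validate environment variables" step, which also enforces the scope restriction listed under Security Considerations. This is an added example, not code from the plugin: KEYCLOAK_SCOPE, the scope allowlist, the sample values and the helper names are assumptions, and the discovery URL assumes KEYCLOAK_URL is the Keycloak server base URL.

```javascript
// Added example, not part of @vymalo/medusa-keycloak. Variable names follow the
// configuration example; KEYCLOAK_SCOPE and ALLOWED_SCOPES are assumptions.
const REQUIRED = ['KEYCLOAK_URL', 'KEYCLOAK_REALM', 'KEYCLOAK_CLIENT_ID', 'KEYCLOAK_CLIENT_SECRET'];
const ALLOWED_SCOPES = new Set(['openid', 'profile', 'email']);
// Constructed sample values, for illustration only.
const SAMPLE_ENV = {
  KEYCLOAK_URL: 'https://sso.example.test/',
  KEYCLOAK_REALM: 'shop',
  KEYCLOAK_CLIENT_ID: 'medusa-backend',
  KEYCLOAK_CLIENT_SECRET: 'constructed-placeholder',
  KEYCLOAK_CALLBACK_URL: 'https://store.example.test/auth/callback',
};

// Parse a URL setting; plain http is tolerated only for local development hosts.
function checkUrl(name, value, problems) {
  let parsed;
  try { parsed = new URL(value); } catch { problems.push(`${name} is not an absolute URL`); return null; }
  const local = ['localhost', '127.0.0.1'].includes(parsed.hostname);
  if (parsed.protocol !== 'https:' && !(local && parsed.protocol === 'http:')) problems.push(`${name} must use https`);
  if (parsed.username || parsed.password) problems.push(`${name} must not embed credentials`);
  return parsed;
}

// Returns provider options plus the realm's OIDC discovery URL, or throws listing
// every problem by variable name. Secret values never appear in the message.
function keycloakOptionsFromEnv(env) {
  const problems = [];
  for (const name of REQUIRED) {
    if (!env[name] || !env[name].trim()) problems.push(`${name} is missing or empty`);
  }
  const base = env.KEYCLOAK_URL ? checkUrl('KEYCLOAK_URL', env.KEYCLOAK_URL, problems) : null;
  const callback = env.KEYCLOAK_CALLBACK_URL;
  if (callback) {
    const cb = checkUrl('KEYCLOAK_CALLBACK_URL', callback, problems);
    if (cb && (cb.hash || callback.includes('*'))) problems.push('KEYCLOAK_CALLBACK_URL must be exact (no fragment or wildcard)');
  }
  const scopes = (env.KEYCLOAK_SCOPE || 'openid profile email').split(/\s+/).filter(Boolean);
  if (!scopes.includes('openid')) problems.push('scope must include openid');
  for (const s of scopes) if (!ALLOWED_SCOPES.has(s)) problems.push(`scope "${s}" is outside the allowlist`);
  if (problems.length) throw new Error('Keycloak configuration rejected:\n- ' + problems.join('\n- '));
  const root = base.origin + base.pathname.replace(/\/+$/, '');
  return {
    options: { url: env.KEYCLOAK_URL, realm: env.KEYCLOAK_REALM, clientId: env.KEYCLOAK_CLIENT_ID,
      clientSecret: env.KEYCLOAK_CLIENT_SECRET, scope: scopes.join(' '), default_redirect_uri: callback },
    discoveryUrl: `${root}/realms/${encodeURIComponent(env.KEYCLOAK_REALM)}/.well-known/openid-configuration`,
  };
}
```

Call it with process.env before building the modules array so a misconfigured deployment stops at boot. Requesting discoveryUrl is a quick connectivity check; older Keycloak distributions serve it under an /auth prefix.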

📄 License

Check the license

🔗 Related Resources

Medusa - Keycloak