Keycloak MCP Server
by
Provides AI‑powered administration of Keycloak users and realms through the Model Context Protocol, enabling automated creation, deletion, and listing of users and realms from MCP clients such as Claude Desktop.
Keycloak MCP Server Overview
What is Keycloak MCP Server about?
The server exposes Model Context Protocol tools that interact with a running Keycloak instance, allowing AI assistants and other MCP clients to manage users and realms programmatically.
How to use Keycloak MCP Server?
- Installation – install via npm (recommended) or Smithery:
npx -y keycloak-model-context-protocol - Configuration – add an entry to the Claude Desktop (or other MCP client) configuration:
{ "mcpServers": { "keycloak": { "command": "npx", "args": ["-y", "keycloak-model-context-protocol"], "env": { "KEYCLOAK_URL": "http://localhost:8080", "KEYCLOAK_ADMIN": "admin", "KEYCLOAK_ADMIN_PASSWORD": "admin" } } } } - Running – start the server through the configured command; MCP clients can now invoke the provided tools.
Key features of Keycloak MCP Server
- Create User – add a new user to a specified realm with username, email, first name, and last name.
- Delete User – remove a user from a realm by user ID.
- List Realms – retrieve all available realms.
- List Users – enumerate users within a given realm.
- Easy npm installation – single‑command setup with
npx. - Smithery integration – one‑click deployment for Claude Desktop.
- TypeScript codebase – strong typing and easy extensibility.
Use cases of Keycloak MCP Server
- Automated onboarding – AI assistants can create user accounts when new employees are added to HR systems.
- Self‑service account cleanup – periodic scripts trigger the
delete-usertool to remove inactive accounts. - Dynamic realm discovery – tools can list realms to adapt to multi‑tenant environments.
- Integration testing – test suites invoke the MCP tools to set up and tear down test users.
FAQ from the Keycloak MCP Server
Q: Which Node version is required? A: Node.js 18 or higher.
Q: Do I need a running Keycloak instance?
A: Yes, the server communicates with Keycloak via its admin REST API; configure KEYCLOAK_URL accordingly.
Q: Can I run the server locally for development?
A: Clone the repository, run npm install && npm run build, then start with node dist/index.js or via the npx command.
Q: How are credentials secured? A: Provide admin credentials through environment variables; avoid committing them to source control.
Q: Is there a testing tool?
A: Yes, use the Model Context Protocol Inspector: npx -y @modelcontextprotocol/inspector npx -y keycloak-model-context-protocol.
Keycloak MCP Server's README
Keycloak MCP Server
A Model Context Protocol server for Keycloak administration, providing tools to manage users and realms.
Features
- Create new users in specific realms
- Delete users from realms
- List available realms
- List users in specific realms
Installation
Installing via Smithery
To install Keycloak for Claude Desktop automatically via Smithery:
npx -y @smithery/cli install keycloak-model-context-protocol --client claude
Via NPM (Recommended)
The server is available as an NPM package:
# Direct usage with npx
npx -y keycloak-model-context-protocol
# Or global installation
npm install -g keycloak-model-context-protocol
Local Development Setup
If you want to develop or modify the server:
git clone <repository-url>
cd keycloak-model-context-protocol
npm install
npm run build
Configuration
Using NPM Package (Recommended)
Configure the server in your Claude Desktop configuration file:
{
"mcpServers": {
"keycloak": {
"command": "npx",
"args": ["-y", "keycloak-model-context-protocol"],
"env": {
"KEYCLOAK_URL": "http://localhost:8080",
"KEYCLOAK_ADMIN": "admin",
"KEYCLOAK_ADMIN_PASSWORD": "admin"
}
}
}
}
For Local Development
{
"mcpServers": {
"keycloak": {
"command": "node",
"args": ["path/to/dist/index.js"],
"env": {
"KEYCLOAK_URL": "http://localhost:8080",
"KEYCLOAK_ADMIN": "admin",
"KEYCLOAK_ADMIN_PASSWORD": "admin"
}
}
}
}
Available Tools
create-user
Creates a new user in a specified realm.
Inputs:
realm: The realm nameusername: Username for the new useremail: Email address for the userfirstName: User's first namelastName: User's last name
delete-user
Deletes a user from a specified realm.
Inputs:
realm: The realm nameuserId: The ID of the user to delete
list-realms
Lists all available realms.
list-users
Lists all users in a specified realm.
Inputs:
realm: The realm name
Development
npm run watch
Testing
To test the server using MCP Inspector:
npx -y @modelcontextprotocol/inspector npx -y keycloak-model-context-protocol
Deployment
NPM Package
This project is automatically published to NPM via GitHub Actions when a new release is published on GitHub.
Setup Requirements for Deployment
- Create NPM account and get access token
- Add NPM_TOKEN secret to GitHub repository
- Go to repository Settings > Secrets
- Add new secret named
NPM_TOKEN - Paste your NPM access token as the value
Prerequisites
- Node.js 18 or higher
- Running Keycloak instance
Keycloak MCP Server Reviews
Login Required
Please log in to share your review and rating for this MCP.
Actions
Keycloak MCP Server's Information
- Author
- ChristophEnglisch
- Category
- Security
- Language
- TypeScript
- Version
- v0.0.2
- Stars
- 30
- Updated
- 21 days ago
Configuration
{
"mcpServers": {
"keycloak": {
"command": "npx",
"args": [
"-y",
"keycloak-model-context-protocol"
],
"env": {
"KEYCLOAK_URL": "http://localhost:8080",
"KEYCLOAK_ADMIN": "admin",
"KEYCLOAK_ADMIN_PASSWORD": "admin"
}
}
}
}Configure Clients
Similar MCP Servers like Keycloak MCP Server
Explore related MCPs that share similar capabilities and solve comparable challenges
SafeLine
by chaitin
A self‑hosted web application firewall and reverse proxy that protects web applications from attacks and exploits by filtering, monitoring, and blocking malicious HTTP/S traffic.
Burp MCP Server
by PortSwigger
Enables Burp Suite to communicate with AI clients via the Model Context Protocol, providing an MCP server and bundled stdio proxy.
Cycode CLI
by cycodehq
Boost security in the development lifecycle via SAST, SCA, secrets, and IaC scanning.
OpenCTI MCP Server
by Spathodea-Network
Provides a Model Context Protocol server that enables querying and retrieving threat intelligence data from OpenCTI through a standardized interface.
Authenticator App MCP Server
Officialby firstorderai
Provides seamless access to two‑factor authentication codes and passwords for AI agents, enabling automated login while maintaining security.
OPNSense MCP Server
by vespo92
Manage OPNsense firewalls through conversational AI, providing network configuration, device discovery, DNS filtering, HAProxy setup, and backup/restore via simple commands.
MalwareBazaar MCP
by mytechnotalent
Provides an AI-driven interface to Malware Bazaar, delivering real-time threat intelligence and sample metadata for authorized cybersecurity research workflows.
Attestable MCP Server
by co-browser
Verify that any MCP server is running the intended and untampered code via hardware attestation.
Shodan Mcp
by Hexix23
Provides a powerful interface to the Shodan API, enabling advanced search, host intelligence, vulnerability discovery, and network mapping for security research.