Keycloak MCP App
Interactive IAM Management with AI Assistants
Experience interactive, structured UI workflows directly inside AI conversations. Manage Keycloak IAM through capabilities, not dashboards. Powered by the TwoGenIdentity AuthZEN Gateway.
Keycloak MCP App
The Keycloak MCP App is an extension that enables interactive, structured UIs directly inside AI conversations.
AI assistants work with real, guided workflows, going beyond simple scripts and text responses.
Users interact with capabilities, not dashboards, providing a seamless IAM management experience.
The MCP App is exposed through the TwoGenIdentity AuthZEN MCP Gateway for standardized authorization decisions.
MCP Server Foundation
Keycloak MCP Server Tools
Built on top of the Keycloak MCP Server, we provide over 40 tools for comprehensive IAM management. We are evolving these tools to deliver interactive UI experiences inside AI conversations.
User Management
List, create, update, and delete users. Manage user attributes and credentials.
Client Management
Configure OAuth/OIDC clients, manage client scopes and permissions.
Role Management
Create and assign realm roles, client roles, and composite roles.
Group Management
Organize users into groups with inherited roles and attributes.
Authentication Flows
View and describe authentication flows and execution steps.
Realm Configuration
Access and manage realm settings, identity providers, and policies.
Keycloak MCP App Explained
Keycloak MCP App Use Cases
Experience interactive IAM management with structured UI components inside your AI assistant. Here's a demo showcasing the MCP App capabilities:
🧑‍💻 List and view identities with interactive components
🧑‍💻 View authentication flows with visual representations
🛡️ Secure management via MCP Gateway integration
🛡️ Dynamic, zero-trust-based authorization
The MCP App provides guided workflows for comprehensive IAM management. The sky is the limit!
Keycloak MCP App Features
Here are some features of the MCP App, and we are continuously evolving it.
Interactive UI Components
Structured experiences directly in AI conversations with guided workflows and visual representations.
AuthZEN Gateway Integration
Standardized, decoupled authorization using an external AuthZEN-compliant PDP for secure access control.
OAuth 2.0 Support
Supports OAuth 2.0 for access delegation and Coarse-Grained Authorization (CGA) protection.
FGA Authorization
Integration with OpenFGA to enable fine-grained authorization capabilities and enhance security through Relationship-Based Access Control (ReBAC) policies.
Gateway Integration
AuthZEN MCP Gateway
The Keycloak MCP App is exposed through the TwoGenIdentity AuthZEN MCP Gateway, providing standardized authorization decisions based on zero trust principles.
The gateway ensures clear trust boundaries between AI assistants and IAM resources, enabling secure and governed access to Keycloak management capabilities.
Standardized Authorization
AuthZEN-compliant decisions for consistent access control across all MCP interactions.
Zero Trust Principles
Every request is verified with clear trust boundaries between AI agents and IAM resources.
Explore the AuthZEN Gateway
Discover how the TwoGenIdentity AuthZEN Gateway enables secure, standardized authorization for AI agents and APIs.
Deploy the MCP App in just a few easy steps.
The Keycloak MCP App runs as a container for portability and scalability.
Step 1: Download
Get an active subscription and download the Docker image from the private GitHub repo.
Step 2: Configure the platform
Configure the MCP App to connect to your Keycloak deployment and the AuthZEN Gateway.
Step 3: Configure FGA if needed
Configure your AuthZEN Policy Decision Point for fine-grained authorization.
Ready!