keycloak-mcp
Verified Safeby HaithamOumerzoug
Overview
Manages Keycloak users, realms, clients, roles, and groups through a standardized Model Context Protocol (MCP) interface for AI agents.
Installation
npx -y keycloak-mcp --keycloak-url <Keycloak Instance URL> --keycloak-admin <Admin Username> --keycloak-admin-password <Admin Password>Environment Variables
- KEYCLOAK_URL
- KEYCLOAK_ADMIN
- KEYCLOAK_ADMIN_PASSWORD
Security Notes
The server uses the official Keycloak Admin Client and implements robust input validation using Zod schemas for all tool arguments. Admin credentials (URL, username, password) are loaded from environment variables or command-line arguments and are validated to ensure they are not empty. There are no direct 'eval' calls or obvious malicious patterns in the provided source. The primary security consideration is the sensitive nature of the Keycloak admin credentials, which grant full administrative access to Keycloak. Proper handling of these credentials in the deployment environment (e.g., using secure secrets management) is critical to prevent unauthorized access to the Keycloak instance.
Similar Servers
leanmcp-sdk
Building production-ready Model Context Protocol (MCP) servers with TypeScript, supporting features like authentication, elicitation, and UI integration for AI agents.
mcp-server-playground
A playground and reference implementation for a Model Context Protocol (MCP) server, featuring streamable HTTP transport, OAuth proxy for third-party authorization servers like Auth0, and stateful session management.
suse-ai-up
A comprehensive, modular Model Context Protocol (MCP) proxy system that enables secure, scalable, and extensible AI model integrations.
scalekit-mcp-server
This server enables AI agents to interact with Scalekit's identity platform through the Model Context Protocol (MCP) for natural language identity management.