Managing user accounts with Keycloak | On-Premise | Urbi Documentation

Managing user accounts with Keycloak

This guide describes how to configure user accounts for Urbi products that do not support registration via API. You will learn:

  • How to create a user account,
  • How to set a password for it,
  • How to edit user data,
  • How to delete a user account.

All the examples below are provided for Urbi On-Premise products (specifically, Urbi On-Premise Pro).

Keycloak is a tool for user identification. It implements the single sign-on technology, which allows users to navigate between different systems without re-authentication. You can learn more about Keycloak here.

User differentiation by products is provided by a realm, a security configuration that contains all the necessary data for authentication (users, passwords). Each realm is isolated from others, and the users contained within them do not overlap.

The realm has already been created in advance, so its creation is not described in the context of this instruction.

Before starting, make sure that the authorization service is installed and working correctly. Then:

  1. Go to a link of the following format: (you get it as a result of the service installation).

  2. Click Administration Console.

    Keycloak start page

  3. Enter your administrator login and password.

  4. Click Sign In.

    Keycloak sign in

To register a user:

  1. Create a user account.
  2. Set a password to it.
  1. Select the on-premise realm.

    Select realm

  2. Navigate to the Users menu.

  3. Click Add user.

    add user button

  4. Fill in the form:

    Add user form

    • Username: user's name in the Keycloak system. Obligatory field.
    • Email: user's email. This field is not marked as obligatory, however, it should be filled in to provide Keycloak correct functioning.
    • Email verified: enable this option to prevent email notifications after each user authentication.
    • First Name: user's first name.
    • Last Name: user's last name.
  5. Complete the user account creation by clicking Create.

Once the user account is created, you are redirected to its profile. To set a password:

  1. Go to the Credentials tab.

    Go to credentials

  2. Click Set password.

  3. Fill in the form:

    Set password

    • Password: enter a password.
    • Password confirmation: repeat the password.
    • Temporary: you can enable this option to set a temporary password. It means that during the initial login, the user is prompted to create a new password to activate their account.
  4. Click Save. A confirmation window appears:

    Set password confirmation

  5. Complete the password setup by clicking Save password.

To update user data, proceed to a card of their account:

  1. Select the on-premise realm.

  2. Go to the Users menu.

  3. Select the user account from the list.

    Searching for the account in the general list

User account profile, the Details tab

  1. Enter new values where necessary. Unchangeable fields are displayed in gray.

    • Email: user's email.
    • Email verified: indication of verified email.
    • First Name: user's first name.
    • Last Name: user's last name.
  2. Click Save.

User account card, the Credentials tab

  1. Click Reset password.

  2. Fill in the form:

    Change password window

    • Password: enter a new password.
    • New password confirmation: confirm the new password.
    • Temporary: enable this option if you need a temporary password.
  3. Click Save. A confirmation dialog will appear:

    Confirm password change

  4. Confirm the password change by clicking Reset password.

User account card, the Credentials tab

  1. Click on the Three-dots icon in the password line.

  2. Click Delete in the password line.

    The Delete button in the password line

  3. Confirm the password reset by clicking on Delete in the appeared confirmation dialog.

    Confirm password change

  1. Select the on-premise realm.

  2. Go to the Users menu.

  3. To delete a single user account:

    1. Click the Three-dots icon icon in the line of the appropriate user account.
    2. Click Delete.
  4. To delete multiple user accounts:

    1. Select checkboxes at the lines of the appropriate user accounts.
    2. Click Delete user.
  5. In both cases, a confirmation dialog appears after that:

    Confirm deleting a user account

  6. Confirm deleting (single or multiple) by clicking Delete.