Security is now in the driving seat of any software development process. Organizations are adopting shift-left strategies to integrate security into every phase of software development. As security has become imperative, developers are looking for newer tools to enable secured development. Identity and Access Management is one of the areas where platforms like Keycloak make integration of security simple and easy. Keycloak is a single sign-on software for web apps and RESTful web services that provides customizable user interfaces for login, administration, registration, and account management. Moreover, it includes security features tailored to the organization’s requirements.
Keycloak has made it possible to import and export the entire database from one environment to another or migrate to a different database. Import and export in Keycloak are triggered at server boot time, and parameters are passed in through Java system properties. In this blog, I will explain step-by-step how you can import/export Realm, a database by MongoDB, in Keycloak. But first, let’s see why you may need to export/import Realm in Keycloak.
Why do we need to import/export Realm?
Realm performs the task of managing a set of users, roles, credentials, and groups. Realm databases are usually isolated and can only manage and authenticate the users they control. The primary reason to export/import Realm is to keep a backup of the current setting. With the assistance of this feature, you can back up the current setting and restore it whenever required. You can also track the older settings using this functionality. Moreover, these backed-up settings can be shared with other users for initial setup. You can store/share/upload the export settings of the Realm on Git for global use.
There are multiple ways to install Keycloak 15.0.2; you can use Dockerized Keycloak or download a RAR file and run it on the server. Here is a guide to Keycloak installation and customizing the login pages in Keycloak.
Now let's see how you can export and import Realm in Keycloak.
After logging in, click on the export button present in the left corner.
After clicking Export, you can see the following options:
Export groups and roles: To add available groups and roles in your exported file.
Export clients: To add available clients in your exported file.
Now, turn on the Export groups and roles and Export clients.
You can export the realm.json file on the local machine by clicking on the Export button.
Add Custom properties file
Before importing the realm.json file in Keycloak, you need to create a profile.properties file. Create a profile.properties file with the following command:
and move it to the following location:
Click on the Import and select your realm.json file. After selecting the file, you can see the options as shown below:
Import users: To import users from the realm.json file.
Import clients: To import clients from the realm.json file.
Import realm roles: To import available realm roles from the realm.json file.
Import client roles: To import available client roles from the realm.json file.
If a resource exists: To select options from the drop-down list.
The drop-down list options and their functional meanings are as follows:
1] Fail: If any minor error occurred, it would not import anything.
2] Skip: If it gets an error, it will skip and move forward.
3] Overwrite: Removes the existing Realm and imports the Realm again with new data from the selected file.
After you have selected the options, click on the import button.
This is how you can import/export Realm in Keycloak. Importing and exporting Realm in Keycloak is fairly simple. In today's fast-paced business environment with an increasing need for security, a proper authorization and authentication tool can help a lot. Keycloak helps you integrate security into your applications. I hope the blog will help you import and export the database out of Keycloak in the easiest way. Try it out and let us know your experience in the comments section below.