The Keycloak platform deploys a Keycloak identity provider as a bench. This is commonly used to provide OIDC/SAML login for other benches (including Cloud Portal and Operator Console).

Deployment

  1. Select Keycloak from the platform dropdown.
  2. Enter a Bench Name.
  3. (Optional) Set the Listen Port (auto-allocated if not set).
  4. (Optional) Set URL (host-only) to control the public hostname.
  5. (Optional) Configure Reverse Proxy if Keycloak will be accessed through external ingress.
  6. Click Create Bench.

Important Notes

  • For production, always use hostname-based access with TLS.
  • If you plan to use Keycloak groups for RBAC in LGF products, ensure a Group Membership mapper is present in the access token for the target client.