PHPackages h2entwicklung/keycloak-security-bundle - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. h2entwicklung/keycloak-security-bundle ActiveSymfony-bundle[Authentication & Authorization](/categories/authentication) h2entwicklung/keycloak-security-bundle ====================================== Allows you to easily handle you application security thanks to keycloak. 0.3(2y ago)0671CECILL-CPHP Since Jan 4Pushed 2y agoCompare [ Source](https://github.com/holema/IDCIKeycloakSecurityBundle)[ Packagist](https://packagist.org/packages/h2entwicklung/keycloak-security-bundle)[ RSS](/packages/h2entwicklung-keycloak-security-bundle/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (3)Dependencies (15)Versions (4)Used By (0) IDCI Keycloak Security Bundle ============================= [](#idci-keycloak-security-bundle) This Symfony bundle is an alternative solution to FOSUserBundle, working with keycloak. For symfony 2/3/4 use version 1.2.0 For symfony 5+ use version 2.0.0 or + Installation ------------ [](#installation) With composer: ``` $ composer require idci/keycloak-security-bundle ``` Configuration ------------- [](#configuration) If you want to set up keycloak locally you can download it [here](https://www.keycloak.org/downloads.html) and follow instructions from [the official documentation](https://www.keycloak.org/documentation.html). In case that you want to use keycloak in docker go directly to [configuration for Docker](#docker). ### Bundle configuration [](#bundle-configuration) #### Basic [](#basic) In case of you already have keycloak running locally on your machine or is running remotely but without proxy, here is the default configuration you should use: ``` # config/packages/idci_keycloak_security.yaml idci_keycloak_security: server_url: '%env(resolve:KEYCLOAK_SERVER_BASE_URL)%' server_public_url: '%env(resolve:KEYCLOAK_SERVER_PUBLIC_BASE_URL)%' server_private_url: '%env(resolve:KEYCLOAK_SERVER_PRIVATE_BASE_URL)%' realm: '%env(resolve:KEYCLOAK_REALM)%' client_id: '%env(resolve:KEYCLOAK_CLIENT_ID)%' client_secret: '%env(resolve:KEYCLOAK_CLIENT_SECRET)%' default_target_route_name: 'app_home' ssl_verification: true ``` #### Docker [](#docker) If you want to use keycloak in docker you can base your stack on this [sample](./Resources/docs/example). Here is a stack example configuration for docker swarm: ``` # config/packages/idci_keycloak_security.yaml idci_keycloak_security: server_public_url: 'http://keycloak.docker' # your keycloak url accessible via your navigator server_private_url: 'http://keycloak:8080' # your keycloak container reference in the network realm: 'MyRealm' client_id: 'my-client' client_secret: '21d4cc5c-9ed6-4bf8-8528-6d659b66f216' default_target_route_name: 'home' # The route you will be redirected to after sign in ``` Make sure that your php container in the container is attached to a network with keycloak, otherwise it will not be able to resolve "" and the public\_server\_url must be accessible through the port 80 because keycloak verify the issuer. NOTE: The keycloak api endpoint as change, so if you used an old version, add the `/auth` to you url: ``` idci_keycloak_security: server_public_url: 'http://keycloak.docker/auth' server_private_url: 'http://keycloak:8080/auth' ``` ### Route configuration [](#route-configuration) Create a new file in `config/routes/` to load pre configured bundle routes. ``` # config/routes/idci_keycloak_security.yaml IDCIKeycloakSecurityBundle: resource: "@IDCIKeycloakSecurityBundle/Resources/config/routing.yaml" prefix: / ``` This will add the following routes to your application: ``` idci_keycloak_security_auth_connect => /auth/connect/keycloak idci_keycloak_security_auth_connect_check => /auth/connect-check/keycloak idci_keycloak_security_auth_logout => /auth/logout idci_keycloak_security_auth_account => /auth/account ``` ### Symfony security configuration [](#symfony-security-configuration) To link keycloak with symfony you must configure your application security file. Here is a simple configuration that restrict access to `/*` routes only to user with roles "ROLE\_USER" or "ROLE\_ADMIN" : ``` # config/packages/security.yaml imports: # Import Keycloak security providers - { resource: '@IDCIKeycloakSecurityBundle/Resources/config/security.yaml' } security: enable_authenticator_manager: true firewalls: # This route create the OAuth 2 "User Authorization Request" and must be accessible for unauthenticated users auth_connect: pattern: /auth/connect/keycloak security: false # Here is an example to protect your application (API) using OAuth 2 Client Credentials Flow (JWT with Bearer token authentication) api: pattern: ^/api provider: idci_keycloak_bearer_security_provider entry_point: IDCI\Bundle\KeycloakSecurityBundle\Security\EntryPoint\BearerAuthenticationEntryPoint custom_authenticators: - IDCI\Bundle\KeycloakSecurityBundle\Security\Authenticator\KeycloakBearerAuthenticator # Here is an example to protect your application (UI) using OAuth 2 Authorization Code Flow secured_area: pattern: ^/ provider: idci_keycloak_security_provider entry_point: IDCI\Bundle\KeycloakSecurityBundle\Security\EntryPoint\AuthenticationEntryPoint custom_authenticators: - IDCI\Bundle\KeycloakSecurityBundle\Security\Authenticator\KeycloakAuthenticator logout: path: idci_keycloak_security_auth_logout role_hierarchy: ROLE_ADMIN: ROLE_USER access_control: # This following ROLES must be configured in your Keycloak client - { path: ^/admin, roles: ROLE_ADMIN } - { path: ^/api, roles: ROLE_API } ``` **Note**: If you wish to secure your application using OAuth 2 Authorization Code Flow for route starting with `/admin`, you will have to put the provided bundle routes behind the firewall, so here is an example on how to do this: ``` ... secured_area: pattern: ^/(admin|auth) provider: idci_keycloak_security_provider entry_point: IDCI\Bundle\KeycloakSecurityBundle\Security\EntryPoint\AuthenticationEntryPoint custom_authenticators: - IDCI\Bundle\KeycloakSecurityBundle\Security\Authenticator\KeycloakAuthenticator logout: path: idci_keycloak_security_auth_logout ... ``` Keycloak configuration ---------------------- [](#keycloak-configuration) If you need help to use keycloak because it is the first time you work on it, we've made a little tutorial step by step describing a basic configuration of a keycloak realm: - [Keycloak older than 19.0.0](./Resources/docs/keycloak-help-guide-old.md) - [Keycloak equal or newer than 19.0.0](./Resources/docs/keycloak-help-guide.md) Logout ------ [](#logout) To logout users, use the route 'idci\_keycloak\_security\_auth\_logout': ``` Logout ``` Keycloak user account space --------------------------- [](#keycloak-user-account-space) If you wants to provide a link to access keycloak user account space, use the route 'idci\_keycloak\_security\_auth\_account': ``` Account ``` ### Health Score 20 — LowBetter than 14% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity9 Limited adoption so far Community15 Small or concentrated contributor base Maturity33 Early-stage or recently created project Bus Factor2 2 contributors hold 50%+ of commits How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~0 days Total 3 Last Release 856d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/b3afae7679d5d1a52eb085ee8cfd201b339b673286f83a1f82a0536ba363f531?d=identicon)[h2Entwicklung](/maintainers/h2Entwicklung) --- Top Contributors [![konandrum](https://avatars.githubusercontent.com/u/964354?v=4)](https://github.com/konandrum "konandrum (48 commits)")[![BeBlood](https://avatars.githubusercontent.com/u/24357558?v=4)](https://github.com/BeBlood "BeBlood (37 commits)")[![burahimu](https://avatars.githubusercontent.com/u/4537997?v=4)](https://github.com/burahimu "burahimu (9 commits)")[![pbek](https://avatars.githubusercontent.com/u/1798101?v=4)](https://github.com/pbek "pbek (3 commits)")[![h2Entwicklung](https://avatars.githubusercontent.com/u/87967468?v=4)](https://github.com/h2Entwicklung "h2Entwicklung (3 commits)")[![vinz2018](https://avatars.githubusercontent.com/u/3055727?v=4)](https://github.com/vinz2018 "vinz2018 (1 commits)")[![lazka](https://avatars.githubusercontent.com/u/991986?v=4)](https://github.com/lazka "lazka (1 commits)")[![CamilleSchwarz](https://avatars.githubusercontent.com/u/49441445?v=4)](https://github.com/CamilleSchwarz "CamilleSchwarz (1 commits)")[![vduvivier](https://avatars.githubusercontent.com/u/137515762?v=4)](https://github.com/vduvivier "vduvivier (1 commits)") ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/h2entwicklung-keycloak-security-bundle/health.svg) ``` [![Health](https://phpackages.com/badges/h2entwicklung-keycloak-security-bundle/health.svg)](https://phpackages.com/packages/h2entwicklung-keycloak-security-bundle) ``` ### Alternatives [sylius/sylius E-Commerce platform for PHP, based on Symfony framework. 8.4k5.6M647](/packages/sylius-sylius)[simplesamlphp/simplesamlphp A PHP implementation of a SAML 2.0 service provider and identity provider. 1.1k12.4M192](/packages/simplesamlphp-simplesamlphp)[sulu/sulu Core framework that implements the functionality of the Sulu content management system 1.3k1.3M152](/packages/sulu-sulu)[prestashop/prestashop PrestaShop is an Open Source e-commerce platform, committed to providing the best shopping cart experience for both merchants and customers. 9.0k15.4k](/packages/prestashop-prestashop)[shopware/platform The Shopware e-commerce core 3.3k1.5M3](/packages/shopware-platform)[scheb/2fa Two-factor authentication for Symfony applications (please use scheb/2fa-bundle to install) 578630.7k1](/packages/scheb-2fa) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)