PHPackages nikochian/flarum-ext-auth-keycloak - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. nikochian/flarum-ext-auth-keycloak ActiveFlarum-extension[Authentication & Authorization](/categories/authentication) nikochian/flarum-ext-auth-keycloak ================================== Allow users to sign in/up/out with Keycloak. 1.0.0(2y ago)1136↓50%MITPHP Since Nov 29Pushed 2y ago1 watchersCompare [ Source](https://github.com/nikochian/flarum-ext-auth-keycloak)[ Packagist](https://packagist.org/packages/nikochian/flarum-ext-auth-keycloak)[ RSS](/packages/nikochian-flarum-ext-auth-keycloak/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (1)Dependencies (2)Versions (2)Used By (0) flarum-ext-auth-keycloak ======================== [](#flarum-ext-auth-keycloak) Keycloak OAuth Flarum Extension Allows users to login/logout using Keycloak. Installation ------------ [](#installation) To install, use composer: ``` composer require nikochian/flarum-ext-auth-keycloak ``` Usage ----- [](#usage) - Install extension via Composer / Packagist - Enable extension in the admin/extensions of Flarum - Fill in the settings field for the extension - Make sure signup is Open in admin/permissions ([here's why](https://github.com/nikochian/flarum-ext-auth-keycloak/issues/22)) Keycloak setup -------------- [](#keycloak-setup) Written for Keycloak version 4.8.3-final, tested up to 21.1.1, and Flarum 1.3.0. Your mileage may vary. From the *Clients* tab, add a new client for your Flarum instance (or use an existing one). Root URL should be the URL of your Flarum instance. [![Add Keycloak client](https://github.com/nikochian/flarum-ext-auth-keycloak/raw/main/images/keycloak-add-client.png "Add Keycloak client")](https://github.com/nikochian/flarum-ext-auth-keycloak/raw/main/images/keycloak-add-client.png) In order to map Keycloak roles onto Flarum groups, you have to make roles visible from the userinfo endpoint. To this extent, add a mapper to your new client. [![Create Keycloak mapper](https://github.com/nikochian/flarum-ext-auth-keycloak/raw/main/images/keycloak-create-mapper-1.png "Create Keycloak mapper")](https://github.com/nikochian/flarum-ext-auth-keycloak/raw/main/images/keycloak-create-mapper-1.png) [![Add role mapper to Keycloak client](https://github.com/nikochian/flarum-ext-auth-keycloak/raw/main/images/keycloak-create-mapper-2.png "Add role mapper to Keycloak client")](https://github.com/nikochian/flarum-ext-auth-keycloak/raw/main/images/keycloak-create-mapper-2.png) From the *Realm Settings* tab, find the key used by the OpenId Connect workflow (by default, RS256). Copy the algorithm as well as the public key. [![Find Keycloak keys](https://github.com/nikochian/flarum-ext-auth-keycloak/raw/main/images/keycloak-find-keys.png "Find Keycloak keys")](https://github.com/nikochian/flarum-ext-auth-keycloak/raw/main/images/keycloak-find-keys.png) Extension settings ------------------ [](#extension-settings) In the end, extension settings will be: - Keycloak version: the version of your Keycloak instance. - Server URL: the URL to your Keycloak instance, like . Beware the "auth" with no trailing slash for Keycloak versions < 20. - Realm: the authentication realm you created for your Flarum. - Client ID: the name of the client you created above. - Client Secret: defaults to client ID if you do not override. - Encryption algorithm: defaults to RS256. - Encryption key (or cert): you may copy here the content of what was displayed after you pressed the "Public key" button on Keycloak. - Role-to-group mapping: An associative array with roles as keys and group names as values, in JSON format. Example: `{"ROLE_MEMBER":"Member","ROLE_MODERATOR":"Mods","ROLE_ADMIN":"Admin"}`. - Attribute mapping: An associative array with Keycloak attributes as keys and Flarum User attributes as values, in JSON format. Might be used for other extensions. Do not forget client mappers on Keycloak! Example: `{"moniker":"nickname","badges":"badges"}`. - Delegate avatars: if enabled, the "picture" attribute from Keycloak will be used to handle user avatar instead of Flarum's default behaviour. Troubleshooting --------------- [](#troubleshooting) ### User created with an odd name that does not match actual user name like 'tgtplwexeowwluxnqid4cjgw' ([original issue](https://github.com/nikochian/flarum-ext-auth-keycloak/issues/21)) [](#user-created-with-an-odd-name-that-does-not-match-actual-user-name-like-tgtplwexeowwluxnqid4cjgw-original-issue) Flarum only allows user names that match the regular expression `/[^a-z0-9-_]/i`. Every Keycloak user with a "preferred\_username" not matching this expression will instead be assigned a random name, as well as a proper Flarum "nickname". In order to see the nickname instead of the random user name, activate the Nicknames extension and use the User Display Name driver named *nickname*. ### Health Score 22 — LowBetter than 22% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity12 Limited adoption so far Community4 Small or concentrated contributor base Maturity42 Maturing project, gaining track record How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 895d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/f0bbb25ab4a60d462d90d41d21999f5c92d476d7d08c34cab4de2f3bb04201bb?d=identicon)[niko2028](/maintainers/niko2028) --- Tags Authentication ### Embed Badge ![Health badge](/badges/nikochian-flarum-ext-auth-keycloak/health.svg) ``` [![Health](https://phpackages.com/badges/nikochian-flarum-ext-auth-keycloak/health.svg)](https://phpackages.com/packages/nikochian-flarum-ext-auth-keycloak) ``` ### Alternatives [maicol07/flarum-ext-sso SSO for Flarum 468.3k](/packages/maicol07-flarum-ext-sso)[spookygames/flarum-ext-auth-keycloak Allow users to sign in/up/out with Keycloak. 171.5k](/packages/spookygames-flarum-ext-auth-keycloak)[tituspijean/flarum-ext-auth-ldap Allow users to log in through LDAP. 216.2k](/packages/tituspijean-flarum-ext-auth-ldap)[nomiscz/flarum-ext-auth-wechat Allow users to log in with WeChat 152.5k](/packages/nomiscz-flarum-ext-auth-wechat)[hehongyuanlove/flarum-auth-qq Allow users to log in with QQ 111.0k](/packages/hehongyuanlove-flarum-auth-qq) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)