Welcome to Django Keycloak’s documentation!

Django Keycloak adds Keycloak support to your Django project. It’s build on top of Django’s authentication system. It works side-by-side with the standard Django authentication implementation and has tools to migrate your current users and permissions to Keycloak.

Features

  • Multi tenancy support
  • Permissions by roles or by resource/scope
  • Choose if you want to create a local User model for every logged in identity or not.

Read Testing with the Example project to quickly test this project.

Note

The documentation and the example project are all based on Keycloak version 3.4 since that is the latest version which is commercially supported by Red Hat (SSO).

Installation

Install requirement.

$ pip install git+https://github.com/Peter-Slump/django-keycloak.git

Setup

Some settings are always required and some other settings are dependant on how you want to integrate Keycloak in your project.

Add django-keycloak to your installed apps, add the authentication back-end, add the middleware, configure the urls and point to the correct login page.

# your-project/settings.py
INSTALLED_APPS = [
    ....

    'django_keycloak.apps.KeycloakAppConfig'
]

MIDDLEWARE = [
    ...

    'django_keycloak.middleware.BaseKeycloakMiddleware',
]

AUTHENTICATION_BACKENDS = [
    ...

    'django_keycloak.auth.backends.KeycloakAuthorizationCodeBackend',
]

LOGIN_URL = 'keycloak_login'
# your-project/urls.py
...

urlpatterns = [
    ...

    url(r'^keycloak/', include('django_keycloak.urls')),
]

Before you actually start using Django Keycloak make an educated choice between Setup for local user storage and Setup for remote user.

Then walk through the Initial setup to found out how to link your Keycloak instance to your Django project.

If you don’t want to take all that effort please read about Testing with the Example project

Usage

For requiring a logged in user you can just use the standard Django functionality. This also counts for enforcing permissions.

This app makes use of the Python Keycloak client