Create an Olvid admin realm

The Olvid Management Console can be accessed by anyone logged into the master realm of Keycloak. However, it is recommended to leave the administration of Keycloak itself (and access to the master realm) to server administrators and create a dedicated olvid_admin realm for the administration of Olvid and the day to day management of Olvid users.

  • If you do not plan on having dedicated Olvid administrators, you may completely skip this step!

1. Create the olvid_admin realm

  1. Press the Keycloak dropdown at the top left and press Create realm.

  2. for the Realm name enter “olvid_admin”, or any other name that helps you tell this realm appart from the master and olvid realms. Avoid spaces or special/accented characters as this realm name will be included in URLs.

  3. press Create and wait a few seconds for the realm to be created.

2. Adjust the realm settings

As for the olvid realm, there are many settings that can be adjusted for this new realm. However, as this realm will be used to authenticate users for a web application, the default Keycloak settings are probably almost good for you.

  • you can adjust the lifespan of tokens to your needs
  • no need to create a specific client for authentication here, the default authentication mechanisms will be used

Contrary to the Olvid user realm, you do not need to create a specific client for authentication as admin users will log in directly from the browser, using the regular Keycloak authentication flow. Do not deactivate the account or account-console clients for this realm.

3. Add users to this realm

You may either create users manually (either from the Keycloak interface or from the Olvid management console) or add an external Identity Provider, or LDAP user federation for admins too. If you choose to use local users, you can create admin users directly from the Olvid console.

If you need to create users using the Keycloak administration interface (or APIs) instead of the Olvid Management Console, you should set the olvid-role attribute of these users to one of admin, editor, or viewer.