Skip to content

Creating AAD Keycloak composite roles (optional post deployment step)

You can create composite roles in Keycloak and link them to Azure Active Directory groups. This may make the identity provider configuration in Keycloak simpler.

Pre-requisites

In order to successfully create composite roles in Keycloak you will need the following:

The Keycloak admin password and URLs of your kdb Insights Enterprise deployment.

KeycloakPassword

URL

Create composite roles

Follow the steps below to log in to Keycloak, which kdb Insights Enterprise uses as its Identity and Access Management component and create the necessary roles.

  1. Use the keycloakUrl or the insightsUiUrl + /auth/ from section above to navigate to the Keycloak web UI.

    Keycloak

  2. Click on Administration Console and log in with the username user and the password you provided during the deployment.

    SignIn

  3. Click on Roles in the left-hand menu then click on the Add Role button.

    AddRole

  4. Enter the Role Name: <role name> and click Save.

  5. Turn Composite Roles ON.

  6. Associate it with the desired roles