Keycloak Authentication


This plugin incorporates SSO in Jenkins with Keycloak


  1. Within the Jenkins dashboard, click Manage Jenkins.
  2. In the Manage Jenkins page, click Manage Plugins.
  3. Click the Available tab.
  4. Filter for keycloak
  5. Click either “Install without restart” or “Download now and install after restart”.
  6. Restart Jenkins if necessary.


Step 1 : Create a keycloak client in a realm

Lets call the realm 'ci' and the client 'jenkins'

Jenkins is running on port 8080

Create the client accordingly

Also make sure sample users are also created, in this case I have created 'devlauer'.

Step 2 : Copy the keycloak.json

Step 3 : In the Jenkins global security settings page select the Keycloak Authentication Plugin for the Security Realm and paste the keycloak JSON content

Step 4 : Log in into jenkins

Jenkins redirects to keycloak for authentication

Keycloak redirects back to Jenkins after successful authentication


Jenkins-Keycloak-Plugin is licensed under the MIT License.


This plugin uses sematic versioning. For more information refer to semver


Changes are available on the GitHub Releases page

Reporting bugs and feature requests

We use the Jenkins JIRA to log all bugs and feature requests. Create a new account, browse to Jenkins JIRA and login with your account then create a new issue with the component keycloak-plugin.


Latest and greatest source of Jenkins Keycloak Plugin can be found on GitHub. Fork it!

Building From Source

  • Checkout or download the source code from the latest tag on GitHub
  • Execute mvn clean verify from your local source code folder (install Maven if not already done).
  • Find the keycloak.hpi file in the target subfolder.

Testing The Plugin

Execute the following

mvn hpi:run -Djetty.port=8090 -Dhpi.prefix=/jenkins

For more details refer the official plugin tutorial


This repository was forked from this repository, which was originally a fork of this repository