DEV Community

Cover image for Keycloak Integration in Angular Application
Anjan Kumar
Anjan Kumar

Posted on • Updated on

Keycloak Integration in Angular Application

What is Keycloak?

  • An Open Source Identity and Access Management for Modern Applications and Services.
  • One of the opensource implementation of OpenID protocol.
  • Simple Identity Layer on top of OAuth2.0 protocol

Why do we need Keycloak in Angular?

  • To secure our application from unauthorized access
  • To identify who is the user of the application, to show the relevant content & authorized content.

Prerequisites

  1. Angular 6/+ Application

Steps to Integrate Keycloak in Angular Application

  1. Install Keycloak JS package
    1. npm i --save keycloak-js
  2. Install Keycloak Angular package
    1. npm i --save keycloak-angular
  3. Keycloak Server Configuration
    1. environment.ts
  4. Keycloak Initialization
    1. Create a file AppInit.ts in the project src directory AppInit.ts
  5. Integrating into AppModule (Refer the image below these points)

    1. Import KeycloakAngularModule in AppModule
    2. Register Provider KeyloackService
    3. Register Provider of type APP_INITIALIZER with initializer we defined in AppInit.ts
    4. Register Provider AuthService (You can find the AuthService implementation below)

    AuthService
    auth.service.ts
    AppModule
    app-module.ts

  6. Guard configuration

    1. Create a Guard ng new g auth
    2. Change the definition of the class as below, notice the extends auth.guard.ts
    3. Routing Module Configuration, Use the AuthGuard for routes that you want to restrict access, Assign required roles for each route in data attribute, roles parameter as an array. app-routing.module.ts
  7. Start the application ng s, then you will have the login screen provided by the Keycloak, log in with the correct user to access your application who has the roles that are assigned in the routing configuration

    Keycloak Login Screen

Top comments (22)

Collapse
 
ridaehamdani profile image
Ridae HAMDANI

Thanks for this awesome article, but what is the difference between using keycloak instead of simple JWT ??

Collapse
 
anjnkmr profile image
Anjan Kumar • Edited

Thanks for reading...

Keycloak a complete Identity and Access Management for Modern Applications and Services, which will have complete User management, Roles, Fine-grained Authorization management, and a lot more other features.

On the other hand, JWT is a concept that we need to implement ourselves, which means we need to do user management, roles management, etc., it just gave us the token with some data in it, remaining all we need to implement on our own.

Collapse
 
jashi79 profile image
SIVA • Edited

SSO Is possible with the above code or we need add some other functionality

Thread Thread
 
anjnkmr profile image
Anjan Kumar

I just realised that i didn't include the AuthService, We need to have AuthService file along with above, I will share it today.

Thread Thread
 
anjnkmr profile image
Anjan Kumar

Just added AuthService, please check

Thread Thread
 
jashi79 profile image
SIVA

Thank You So much

Collapse
 
diksha_bhatia_eeeee7c7eea profile image
Diksha Bhatia

I am getting error - Invalid parameter: redirect_uri
Can you please tell what could be the possible mistake?

Collapse
 
anjnkmr profile image
Anjan Kumar

Did you register the redirect_uri in your client in keycloak console?

Collapse
 
diksha_bhatia_eeeee7c7eea profile image
Diksha Bhatia

Yes, now I did. I am able to login now but getting cors error when Keycloak login page is redirected to my Angular Application.

Thread Thread
 
anjnkmr profile image
Anjan Kumar

You need to add the urls in Web Origins fields also, please refer the screenshot in the below comment

Thread Thread
 
diksha_bhatia_eeeee7c7eea profile image
Diksha Bhatia • Edited

Thanks :) It is working fine now. Do you have any tutorial for Social Login via Keycloak (Angular)?

Thread Thread
 
anjnkmr profile image
Anjan Kumar

No, i didn't have now...

Collapse
 
anjnkmr profile image
Anjan Kumar

Did you register the redirect_uri in your client in keycloak console?
refer the screenshot
Screenshot

Collapse
 
nkmhang profile image
Hang Nguyen

Hi, I just have followed your tutorial. However, the logout seems not work. The console tells "Cannot read property logout of undefined". It looks like the instance keycloak has been reset. Please help, thanks

Collapse
 
anjnkmr profile image
Anjan Kumar

Did you get any CORS errors in console?

Collapse
 
santoshkolar profile image
santoshkolar

I am getting the following error after all setup.

Refused to frame 'localhost:8080/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".

Collapse
 
greg59650 profile image
greg59650

Hi, Did you integrate AuthService?

Collapse
 
anjnkmr profile image
Anjan Kumar

Just added AuthService, please check

Collapse
 
sagolab profile image
SAGO

Hi there, what about AuthService?

Collapse
 
anjnkmr profile image
Anjan Kumar

Thank you for the inputs, Just added AuthService, please check

Collapse
 
raghavdx007 profile image
Raghav V

I am getting error - Page not found.
Can you please help me on the same?

Collapse
 
anumber8 profile image
anumber8

Very good post indeed. But I would suggest if you don't mind to repost with the code in text not images that would be more helpful for all of us looking for this type of solution, Kind regards.