This guide installs Keycloak on a Linux host.
Install required runtime packages for the service:
# For Debian/Ubuntu
sudo apt update
sudo apt install -y openjdk-17-jdk wget curl
# For RHEL/CentOS/Fedora
sudo dnf install -y java-17-openjdk wget curl
# Download the latest stable version (26.5.3)
wget https://github.com/keycloak/keycloak/releases/download/26.5.3/keycloak-26.5.3.zip
# Extract to /opt
sudo unzip keycloak-26.5.3.zip -d /opt/
sudo mv /opt/keycloak-26.5.3 /opt/keycloak
# Pull the latest stable image
docker pull quay.io/keycloak/keycloak:26.5.3
Create an initial admin user account:
# For traditional distribution
cd /opt/keycloak
sudo bin/kc.sh add-user --user admin --password admin123
# For container distribution
docker run --name keycloak_tmp quay.io/keycloak/keycloak:26.5.3 \
-c "bin/kc.sh add-user --user admin --password admin123" \
--rm
# Traditional
sudo bin/kc.sh start-dev
# Container
docker run -p 8080:8080 quay.io/keycloak/keycloak:26.5.3 start-dev
Configure with database and HTTPS:
# Build and start with PostgreSQL
sudo bin/kc.sh build --db=postgres
sudo bin/kc.sh start --hostname=your-domain.com --db-url=jdbc:postgresql://localhost:5432/keycloak --db-username=keycloak --db-password=password
Create a systemd service file:
sudo tee /etc/systemd/system/keycloak.service << EOF
[Unit]
Description=Keycloak Identity Provider
After=network.target
[Service]
Type=exec
User=keycloak
Group=keycloak
ExecStart=/opt/keycloak/bin/kc.sh start --hostname=%i
TimeoutStartSec=600
Restart=always
[Install]
WantedBy=multi-user.target
EOF
# Create keycloak user
sudo useradd -r -s /bin/false keycloak
sudo chown -R keycloak:keycloak /opt/keycloak
# Enable and start the service
sudo systemctl daemon-reload
sudo systemctl enable keycloak
sudo systemctl start keycloak
Access the administration console at https://your-server:8080 and log in with the admin credentials created in Step 3.
See Keycloak Security for hardening guidance.
Stuck on a step or need custom configuration? We provide paid consulting for Keycloak deployments, from single-instance setups to distributed clusters.