Keycloak Admin

io.github.mrz1880/mcp-keycloak-admin·v0.2.2·Other

Administer Keycloak via its Admin REST API: users, roles, clients, groups, IdP, events.

Trust verdict · v1 advisory · method

NOT YET SCREENEDno verdict on file

Verdict not yet evaluated for this tool. The semantic screen takes adversarial cases first; coverage rolls out as the corpus expands (15/150 labels to graduation). The deterministic conformance probe is built but has not yet run on the public corpus, so a recorded verdict here is REVIEW or UNVERIFIED, never a clearing ALLOW. Until a verdict is recorded, an agent should treat this tool as not-yet-cleared and fall back to its own checks. Method: the eval, four-state verdict, honest limits.

Own this server? Screen its description →

Environment variables

KEYCLOAK_BASE_URL

required

Base URL of the Keycloak server (no trailing slash).

KEYCLOAK_REALM

required

Realm the server operates on.

AUTH_MODE

required

Authentication mode: service_account or password.

KC_CLIENT_ID

Confidential client id (service_account mode).

KC_CLIENT_SECRET

secret

Client secret (service_account mode).

KC_ADMIN_USERNAME

Admin username (password mode).

KC_ADMIN_PASSWORD

secret

Admin password (password mode).

KC_ADMIN_REALM

Realm holding the admin user (password mode; default master).

READ_ONLY

When true, write and destructive tools are not registered.

ALLOWED_REALMS

Comma-separated allow-list of realms the server may operate on.

MCP quality score · maturity, not trust · methodology

freshness

completeness

installability

documentation

stability

Alternatives in Other

agency.lona/trading

AI-powered trading strategy development: backtesting, market data, and portfolio analysis

ABMeter

ai.abmeter/abmeter

Feature flagging and A/B testing platform with AI-first experimentation workflows.

AdAdvisor MCP Server

ai.adadvisor/mcp-server

Query Meta Ads performance data — accounts, campaigns, ad sets, ads, metrics & settings.

Install

Claude Desktop (claude_desktop_config.json)

{
  "mcpServers": {
    "mcp-keycloak-admin": {
      "command": "npx",
      "args": [
        "-y",
        "mcp-keycloak-admin"
      ],
      "env": {
        "KEYCLOAK_BASE_URL": "<keycloak_base_url>",
        "KEYCLOAK_REALM": "<keycloak_realm>",
        "AUTH_MODE": "<auth_mode>",
        "KC_CLIENT_ID": "<kc_client_id>",
        "KC_CLIENT_SECRET": "<your-kc_client_secret>",
        "KC_ADMIN_USERNAME": "<kc_admin_username>",
        "KC_ADMIN_PASSWORD": "<your-kc_admin_password>",
        "KC_ADMIN_REALM": "<kc_admin_realm>",
        "READ_ONLY": "<read_only>",
        "ALLOWED_REALMS": "<allowed_realms>"
      }
    }
  }
}

Cursor (.cursor/mcp.json)

{
  "mcpServers": {
    "mcp-keycloak-admin": {
      "command": "npx",
      "args": [
        "-y",
        "mcp-keycloak-admin"
      ],
      "env": {
        "KEYCLOAK_BASE_URL": "<keycloak_base_url>",
        "KEYCLOAK_REALM": "<keycloak_realm>",
        "AUTH_MODE": "<auth_mode>",
        "KC_CLIENT_ID": "<kc_client_id>",
        "KC_CLIENT_SECRET": "<your-kc_client_secret>",
        "KC_ADMIN_USERNAME": "<kc_admin_username>",
        "KC_ADMIN_PASSWORD": "<your-kc_admin_password>",
        "KC_ADMIN_REALM": "<kc_admin_realm>",
        "READ_ONLY": "<read_only>",
        "ALLOWED_REALMS": "<allowed_realms>"
      }
    }
  }
}

Cline (cline_mcp_settings.json)

npx -y mcp-keycloak-admin

Verdict API

curl -s mcpindex.ai/api/v1/trust/server/io-github-mrz1880-mcp-keycloak-admin

Free-tier verdict as JSON: decision + dimensions + severity. Call it from your agent before it invokes a tool it just discovered.

Details

version: v0.2.2
category: Other
quality: 85 / 100
operator: mrz1880

Provenance

Verdict history is anchored to Bitcoin via OpenTimestamps. The free tier returns the current verdict only; the anchored record is served on the authenticated tier.

Links

Repository →