Research
Help improve navigation and content organization by answering a short survey.
Start Survey
Dismiss alert
HashiCorp Developer
HashiCorp Cloud Platform
Terraform
Packer
Consul
Vault
Boundary
Nomad
Waypoint
Vagrant
Vault
Install
Tutorials
Documentation
API
Integrations
Try Cloud
(opens in new tab)
Search
Command or control key
K key
Sign in
Sign up
Theme
Vault Home
Documentation
Skip to main content
Documentation
What is Vault?
Use Cases
Get Started
Browser Support
Installing Vault
Internals
Concepts
Configuration
Commands (CLI)
Vault Agent
Secrets Engines
Auth Methods
Overview
AppRole
AliCloud
AWS
Azure
Cloud Foundry
GitHub
Google Cloud
JWT/OIDC
Overview
OIDC Providers
Overview
Auth0
Azure AD
Forgerock
Gitlab
Google
Keycloak
Kubernetes
Okta
Kerberos
Kubernetes
LDAP
Login MFA
Oracle Cloud Infrastructure
Okta
RADIUS
TLS Certificates
Tokens
Username & Password
App ID
DEPRECATED
DEPRECATED
Audit Devices
Plugins
Vault Integration Program
Vault Interoperability Matrix
Troubleshoot
Platforms
Upgrade Guides
Release Notes
Deprecation Notices
FAQ
Glossary
Vault Enterprise
Resources
Tutorial Library
Certifications
Community Forum
(opens in new tab)
Support
(opens in new tab)
GitHub
(opens in new tab)
You are viewing documentation for version v1.11.x.
View latest version
.
Developer
Vault
Documentation v1.11.x
Auth Methods
OIDC Providers
OIDC Providers
Keycloak
v1.11.x
Vault
v1.18.x (latest)
v1.17.x
v1.16.x
v1.15.x
v1.14.x
v1.13.x
v1.12.x
v1.10.x
v1.9.x
v1.8.x
v1.7.x
v1.6.x
v1.5.x
v1.4.x
keycloak
Keycloak
Select/create a Realm and Client. Select a Client and visit Settings.
Client Protocol: openid-connect
Access Type: confidential
Standard Flow Enabled: On
Configure Valid Redirect URIs.
Save.
Visit Credentials. Select Client ID and Secret and note the generated secret.