Skip to content

Create users in Keycloak

To interact with your NPL application, you need to create users who have permission to trigger actions like creating protocols and executing permissions. NOUMENA Cloud applications contain a keycloak instance by default. Accessing other identity and access management services can be configured.

Understanding Identity Management

Keycloak provides:

  • User registration and authentication
  • OAuth2/OpenID Connect for secure API access
  • Federation with external identity providers

Creating Test Users

Follow these steps to create two test users (Alice and Bob) for your application:

  1. In the Services tab of your application, find Keycloak and click the Visit link to open the Keycloak admin console in a new tab

  2. Copy the Keycloak admin credentials from the Show credentials section in the NOUMENA Cloud Services tab Keycloak login screen

  3. Once logged in to the Keycloak admin console, select your application name as the realm in the top-left dropdown Selecting the application realm

  4. Navigate to the Clients tab in the left sidebar and open the client with your application name Keycloak client selection

  5. Verify that 'Standard flow' is enabled under Capability config Standard flow configuration

  6. Return to the NOUMENA Cloud portal, go to the Overview tab, and copy the Engine API URL Engine API URL

  7. Back in the Keycloak client settings, add the Engine API URL to the 'Valid redirect URIs' field

    This whitelists the engine as a valid URI pattern for browser redirects after successful login

  8. Add "+" (without quotes) to both Valid post logout redirect URIs and Web origins fields Engine API redirect configuration

  9. Click Save

  10. Navigate to the Users tab in the left sidebar and click Add User Adding a new user

  11. Create the first user with username alice and click Create Creating Alice user

  12. In the user's Credentials tab, click Set password

    • Enter a secure password
    • Set Temporary to Off
    • Click Save Setting user password

  13. Repeat steps 10-12 to create a second user with username bob

User Authorization

With these users created, they can now:

  • Authenticate to your application
  • Create and interact with protocol instances
  • Execute permissions based on their attributes

Next Steps

Now that you have users set up, continue to make your first API calls to interact with your NPL application.