Skip to main content

Keycloak Infrastructure Recommendation

Graph Modeling Authentication Service is based on Keycloak. A built-in Keycloak server is installed during an installation or upgrade to Graph Modeling (formerly PoolParty) 9.0 or higher. We recommend system administrators that they look into the following topics and implement corresponding measures:

  • Keycloak has to be exposed to users via an accessible URL.

    • Please prepare a domain name upfront and configure your reverse proxy to redirect the communication to Keycloak server.

  • Keycloak is an important runtime dependency for Graph Modeling.

    • Please implement backup and monitoring for KeycloakRecommended Backup Strategy for a PoolParty ServerMonitoring and Logging

  • Keycloak listens to a non-secure port by default.

  • Keycloak uses an embedded database to manage configuration data.