VS Code CopilotIDE

Keycloak MCP Server

Bring Iam
to VS Code Copilot

Name: Keycloak MCP Server
Price: 29 USD
Availability: InStock
Rating: 4.9 (1 reviews)
Author: Vinkius

Learn how to connect Keycloak to VS Code Copilot and start using 34 AI agent tools in minutes. Fully managed, enterprise secure, and ready to use without writing a single line of code.

GDPR Free for Subscribers

Create Auth FlowCreate ClientCreate GroupCreate RoleCreate UserDelete ClientDelete GroupDelete RealmDelete UserGet ClientGet Client SecretGet GroupGet RealmGet RoleGet UserImport RealmList Admin EventsList Auth FlowsList Client RolesList ClientsList GroupsList RealmsList Required ActionsList RolesList User GroupsList UsersLogout All UsersPartial Export RealmRegenerate Client SecretReset User PasswordUpdate ClientUpdate GroupUpdate RealmUpdate User

Unlock for AI Agents

Ask AI about this MCP Server ChatGPT Claude Perplexity

Compatible with every major AI agent and IDE

Claude

ChatGPT

Cursor

Gemini

Windsurf

VS Code

JetBrains

Vercel

+ other MCP clients

What is the Keycloak MCP Server?

Connect your Keycloak instance to any AI agent to streamline your Identity and Access Management (IAM) workflows. This server provides comprehensive tools to audit, configure, and maintain your security infrastructure through natural language.

What you can do

Realm Administration — List, import, and export realms, or monitor admin events to audit changes across your infrastructure.
User Management — Create, update, or delete users, reset passwords, and inspect user group memberships without leaving your chat interface.
Client Configuration — Manage OIDC/SAML clients, retrieve client secrets, and regenerate credentials instantly.
Groups & Roles — Organize your security hierarchy by managing groups and assigning roles at both realm and client levels.
Session Control — Force global logouts across entire realms to mitigate security threats in real-time.

How it works

Subscribe to this server
Provide your Keycloak Base URL and a valid Admin Access Token
Start managing your IAM infrastructure from Claude, Cursor, or any MCP client

Who is this for?

DevOps & SREs — Quickly audit realm events and manage client configurations during deployments.
Security Administrators — Perform emergency password resets or session terminations via simple commands.
Backend Developers — Setup test users and retrieve client credentials directly within the IDE flow.

Built-in capabilities (34)

create_auth_flow

Create an authentication flow

create_client

Create a new client

create_group

Create a top-level group

create_role

Create a realm-level role

create_user

Create a new user

delete_client

Delete a client

delete_group

Delete a group

delete_realm

Delete a realm

delete_user

Delete a user

get_client

Get client representation

get_client_secret

Get client secret

get_group

Get group representation

get_realm

Get realm representation

get_role

Get a role by name

get_user

Get user representation

import_realm

Import a realm

list_admin_events

Get admin events for a realm

list_auth_flows

Get authentication flows

list_client_roles

Get client-level roles

list_clients

Get all clients in the realm

list_groups

Get group hierarchy

list_realms

Get accessible realms

list_required_actions

Get required actions

list_roles

Get realm-level roles

list_user_groups

Get user groups

list_users

Get users in a realm

logout_all_users

Remove all user sessions in a realm

partial_export_realm

Partial export of a realm

regenerate_client_secret

Regenerate client secret

reset_user_password

Reset user password

update_client

Update a client

update_group

Update a group

update_realm

Update realm information

update_user

Update a user

Why VS Code Copilot?

GitHub Copilot Agent mode brings Keycloak data directly into your VS Code workflow. With a project-scoped config, the entire team shares access to 34 tools. Copilot queries live data, generates typed code, and writes tests from actual API responses, all without leaving the editor.

—
VS Code is used by over 70% of developers. adding MCP tools to Copilot means your team can leverage external data without leaving their primary editor
—
Project-scoped MCP configs (.vscode/mcp.json) let you commit server configurations to your repository, ensuring the entire team shares the same tool access
—
Copilot's Agent mode integrates MCP tools seamlessly with file editing, terminal commands, and workspace search in a single agentic loop
—
GitHub's enterprise compliance and audit features extend to MCP tool usage, providing visibility into how AI interacts with external services

See it in action

Keycloak in VS Code Copilot

AI Agent→Vinkius

High Security·Kill Switch·Plug and Play

Why Vinkius

Keycloak and 4,000+ other MCP servers. One platform. One governance layer.

Teams that connect Keycloak to VS Code Copilot through Vinkius don't need to source, host, or maintain individual MCP servers. Every tool call runs inside a hardened runtime with credential isolation, DLP, and a signed audit chain.

4,000+MCP Servers ready

<40msCold start

60%Token savings

	Raw MCP	Vinkius
Server catalog	Find and host yourself	4,000+ managed
Infrastructure	Self-hosted	Sandboxed V8 isolates
Credential handling	Plaintext in config	Vault + runtime injection
Data loss prevention	None	Configurable DLP policies
Kill switch	None	Global instant shutdown
Financial circuit breakers	None	Per-server limits + alerts
Audit trail	None	Ed25519 signed logs
SIEM log streaming	None	Splunk, Datadog, Webhook
Honeytokens	None	Canary alerts on leak
Custom domains	Not applicable	DNS challenge verified
GDPR compliance	Manual effort	Automated purge + export

Unlock for AI Agents View step-by-step setup guide for VS Code Copilot →

Enterprise Security

Why teams choose Vinkius for Keycloak in VS Code Copilot

The Keycloak MCP Server runs on Vinkius-managed infrastructure inside AWS — a purpose-built runtime with per-request V8 isolates, Ed25519 signed audit chains, and sub-40ms cold starts. All 34 tools execute in hardened sandboxes optimized for native MCP execution.

Your AI agents in VS Code Copilot only access the data you authorize, with DLP that blocks sensitive information from ever reaching the model, kill switch for instant shutdown, and up to 60% token savings. Enterprise-grade infrastructure, zero maintenance.

Unlock for AI Agents View full Keycloak details →

Fully ManagedVinkius Servers

60%Token savings

High SecurityEnterprise-grade

IAMAccess control

EU AI ActCompliant

DLPData protection

V8 IsolateSandboxed

Ed25519Audit chain

<40msKill switch

Stream every event to Splunk, Datadog, or your own webhook in real-time

* Every MCP server runs on Vinkius-managed infrastructure inside AWS - a purpose-built runtime with per-request V8 isolates, Ed25519 signed audit chains, and sub-40ms cold starts optimized for native MCP execution. See our infrastructure

The Vinkius Advantage

How Vinkius secures
Keycloak for VS Code Copilot

Every tool call from VS Code Copilot to the Keycloak MCP Server is protected by DLP redaction, cryptographic audit chains, V8 sandbox isolation, kill switch, and financial circuit breakers.

< 40msCold start

Ed25519Signed audit chain

60%Token savings

FAQ

Frequently asked questions

Can I reset a user's password using this integration?

Yes. You can use the reset_user_password tool by providing the realm name, the user ID, and the new credential representation. This allows for immediate password management via the AI.

Is it possible to audit administrative changes in a specific realm?

Absolutely. The list_admin_events tool retrieves the history of administrative actions for a target realm, helping you track who changed what and when.

Can I retrieve OIDC client secrets for my applications?

Yes, the get_client_secret tool allows you to fetch the secret for any configured client in a realm. You can also use regenerate_client_secret if a rotation is required.

Which VS Code version supports MCP?

MCP support requires VS Code 1.99 or later with the GitHub Copilot extension. Ensure both are updated to the latest version. Older versions of Copilot may not expose the Agent mode toggle.

How do I switch to Agent mode?

Open the Copilot Chat panel and look for two mode options: "Ask" and "Agent". Click "Agent" to enable autonomous tool calling. In Ask mode, Copilot provides conversational answers but cannot invoke MCP tools.

Can I restrict which MCP tools Copilot can access?

Yes. VS Code shows a tool consent dialog before any MCP tool is invoked for the first time. You can also configure tool access policies at the organization level through GitHub Copilot settings.

Does MCP work in VS Code Remote or Codespaces?

Yes. MCP servers configured via .vscode/mcp.json work in Remote SSH, WSL, and GitHub Codespaces environments. The MCP connection is established from the remote host, so ensure the server URL is accessible from that environment.

MCP tools not available

Ensure you are in Agent mode in Copilot Chat. MCP tools only appear in Agent mode.

Explore More MCP Servers

View all →

Gatling

10 tools

Manage load testing via Gatling Enterprise — list and start simulations, monitor test runs and request stats, and handle generator pools directly from any AI agent.