Requirements to Run Keycloak
PoolParty Authentication Service is based on Keycloak. A built-in Keycloak server is installed during an installation or upgrade to PoolParty 9.0 (PoolParty 2022 R1) or higher. We recommend system administrators that they look into the following topics and implement corresponding measures:
Keycloak has to be exposed to users via an accessible URL.
Please prepare a domain name upfront and configure your reverse proxy to redirect the communication to Keycloak server.
Keycloak is an important runtime dependency for PoolParty.
Please implement backup and monitoring for Keycloak
Keycloak listens to a non-secure port by default.
We strongly recommend switching to a secure mode after the upgrade. Please prepare an SSL/TLS certificate signed by your CA upfront.
Keycloak uses an embedded database to manage configuration data.
We recommend migrating the embedded database to an external database in production environments.