How to use an exported realm in Keycloak on an Entando6 instance?

I’ve a exported realm generated from a running instance of keycloak and I would like to use that same realm in another Keycloak Instance of Entando 6. How can I make Keycloak import that realm automatically for me?

Enabling Realm Uploading

By default the Entando keycloak ships with loading scripts disabled. To enable script loading via the Keycloak admin console you need to add this setting to your Keycloak deployment:


Add this under JAVA_TOOL_OPTIONS in the deployment. If you do this in a live instance once it has redeployed then you can use the Realm import feature in Keycloak to import a realm with your data

A common usecase for this is to import the JHipster realm that Entando uses to test MFEs and microservices by default in a development environment. You can load the JHipster realm to a remote server and share it across the team.

Updating the Image

You can also modify the base Entando docker image to change the realm behavior. The image is built from here:

Or you can modify your keycloak deployment to import a different realm file including the realms you want to use. The property setting for that is:

That will give you the ability to import a different realm than the default. The baseline Entando value for that property is (substitute quickstart for your apps name):

Cool thanks! :wink:

About this, have you also tried to use a plain env variable like KEYCLOAK_PROFILE_FEATURE_UPLOAD_SCRIPTS?

I think you can probably set the migration script file using secrets and configMaps as files in kubernetes. That would give you full control and freedom on changing the migration file on the fly

Looks like an environment variable alone doesn’t work. However, JAVA_TOOL_OPTIONS is already exposed as an environment variable so you could update that. This is what it looks like in OpenShift