To fully integrate Keycloak into local Airflow development with Breeze, you need to configure a Keycloak client.
You can start by using the breeze start-airflow --integration keycloak command,
which launches Airflow with Keycloak support and starts a Keycloak instance with default settings.
Next, create a Keycloak client for Airflow in the Keycloak admin console, accessible at http://localhost:48080/.
During client creation, the relevant configuration section is called Login Settings;
after the client is created, this section appears as Access Settings.
| Field | Local (Breeze) Value | Local (Breeze) Templated Value |
|---|---|---|
| Root URL | http://localhost:28080 | ${authBaseUrl} |
| Home URL | http://localhost:28080 | <Not Usable> |
| Valid Redirect URIs | http://localhost:28080/* | <Not Usable> |
| Valid Post Logout Redirect URIs | http://localhost:28080/* | <Not Usable> |
| Web Origins | http://localhost:28080 | ${authBaseUrl} |
After you configure the client, the settings will persist as long as the Docker volumes are not removed.
To obtain the client credentials, open the Credentials tab of the client you created.