micrometer-keycloak is no longer actively maintained by VMware, Inc.

Micrometer Keycloak SPI

Inspired by @aerogear's Keycloak Metrics SPI.

A Service Provider that adds a metrics endpoint to Keycloak. The endpoint returns metrics data ready to be scraped by Prometheus.

Two distinct providers are defined:

• MetricsEventListener to record the internal Keycloak events
• MetricsEndpoint to expose the data through a custom endpoint

The endpoint lives under <url>/auth/realms/<realm>/metrics. It will return data for all realms, no matter which realm you use in the URL (you can just default to /auth/realms/master/metrics).

Usage

Add the jar into the providers subdirectory of your Keycloak installation.

To enable the event listener via the GUI interface, go to Manage -> Events -> Config. The Event Listeners configuration should have an entry named metrics-listener.

To enable the event listener via the Keycloak CLI, such as when building a Docker container, use these commands. (These commands assume /opt/jboss is the Keycloak home directory, which is used on the jboss/keycloak reference container on Docker Hub.)

/opt/jboss/keycloak/bin/kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user $KEYCLOAK_USER --password $KEYCLOAK_PASSWORD
/opt/jboss/keycloak/bin/kcadm.sh update events/config -s "eventsEnabled=true" -s "adminEventsEnabled=true" -s "eventsListeners+=metrics-listener"
/usr/bin/rm -f /opt/jboss/.keycloak/kcadm.config