Keycloak auth integration

auth_keycloak
REPOSITORY
REPOSITORYOCA/server-auth
GIT
GIThttps://github.com/OCA/server-auth.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-auth/tree/11.0/auth_keycloak
VERSION
VERSION 1.0.0
CATEGORY
CATEGORYTools
LICENSE
LICENSEAGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSOdoo Community Association (OCA), Camptocamp
MAINTAINERS
MAINTAINERSOdoo Community Association (OCA), Camptocamp
COMMITTERS
COMMITTERSHolger Brunn, OCA Transbot, oca-travis, OCA-git-bot
WEBSITE
WEBSITEhttps://github.com/OCA/server-auth
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:23:56
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - auth_oauth
    - base
    - web
    - base_setup
    - auth_signup
    - mail
    - bus
    - web_tour
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES Not have
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (4)
XML IDNameModelTypeStatus
auth_keycloak_create_wiz auth.keycloak.create.wiz.form auth.keycloak.create.wiz form New
auth_keycloak_sync_wiz auth.keycloak.sync.wiz.form auth.keycloak.sync.wiz form New
view_oauth_provider_form auth.oauth.provider.form auth.oauth.provider field Inherits auth_oauth.view_oauth_provider_form
view_users_form keycloack res.users.form res.users header Inherits base.view_users_form
Models touched (5)

New fields (1)
  • user_ids Many2many → res.users
    comodel_name='res.users' default=<expr>
Public methods (1)
  • button_create_user(self)
    @api.multi
    Create users on Keycloak. 1. get a token 2. loop on given users 3. push them to Keycloak if: a. missing on Keycloak b. they do not have an Oauth UID already 4. brings you to update users list

New fields (6)
  • endpoint Char
    readonly=True related='provider_id.users_endpoint'
  • login_match_key Selection
    default='username:login' help="Keycloak user field to match users' login." selection=[('username:login', 'username'), ('email:partner_id.email', 'email')]
  • management_enabled Boolean
    readonly=True related='provider_id.users_management_enabled'
  • provider_id Many2one → auth.oauth.provider
    comodel_name='auth.oauth.provider' required=True string='Provider'
  • pwd Char
    readonly=True related='provider_id.superuser_pwd'
  • user Char
    readonly=True related='provider_id.superuser'
Public methods (0)

No public methods.

New fields (0)

No new fields.

Public methods (1)
  • button_sync(self)
    @api.multi
    Sync Keycloak users w/ Odoo users. 1. get a token 2. retrieve ALL users 3. find matching Odoo users 4. update them w/ their own Keycloak ID 5. get back to filtered list of updated users

New fields (5)
  • client_secret Char
  • superuser Char
    help='A super power user that is able to CRUD users on KC.' placeholder='admin' required=False
  • superuser_pwd Char
    help='"Superuser" user password' placeholder='I hope is not "admin"' required=False
  • users_endpoint Char
    help='User endpoint' placeholder='http://keycloak.mycompany.com/auth/admin/realms/{realm}/users' required=False
  • users_management_enabled Boolean
    compute='_compute_users_management_enabled'
Public methods (0)

No public methods.

New fields (0)

No new fields.

Public methods (1)
  • button_push_to_keycloak(self, vals)
    @api.multi
    Quick action to push current users to Keycloak.
REPOSITORY
REPOSITORYOCA/server-auth
GIT
GIThttps://github.com/OCA/server-auth.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-auth/tree/10.0/auth_keycloak
VERSION
VERSION 1.1.0
CATEGORY
CATEGORYTools
LICENSE
LICENSEAGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSOdoo Community Association (OCA), Camptocamp
MAINTAINERS
MAINTAINERSOdoo Community Association (OCA), Camptocamp
COMMITTERS
COMMITTERSAkim Juillerat, OCA Transbot, oca-travis, OCA-git-bot, Simone Orsi
WEBSITE
WEBSITEhttps://github.com/OCA/server-auth
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:19:55
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - auth_oauth
    - base
    - web
    - base_setup
    - web_kanban
    - auth_signup
    - mail
    - bus
    - web_tour
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES Not have
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (4)
XML IDNameModelTypeStatus
auth_keycloak_create_wiz auth.keycloak.create.wiz.form auth.keycloak.create.wiz form New
auth_keycloak_sync_wiz auth.keycloak.sync.wiz.form auth.keycloak.sync.wiz form New
view_oauth_provider_form auth.oauth.provider.form auth.oauth.provider field Inherits auth_oauth.view_oauth_provider_form
view_users_form keycloack res.users.form res.users header Inherits base.view_users_form
Models touched (5)

New fields (1)
  • user_ids Many2many → res.users
    comodel_name='res.users' default=<expr>
Public methods (1)
  • button_create_user(self)
    @api.multi
    Create users on Keycloak. 1. get a token 2. loop on given users 3. push them to Keycloak if: a. missing on Keycloak b. they do not have an Oauth UID already 4. brings you to update users list

New fields (6)
  • endpoint Char
    readonly=True related='provider_id.users_endpoint'
  • login_match_key Selection
    default='username:login' help="Keycloak user field to match users' login." selection=[('username:login', 'username'), ('email:partner_id.email', 'email')]
  • management_enabled Boolean
    readonly=True related='provider_id.users_management_enabled'
  • provider_id Many2one → auth.oauth.provider
    comodel_name='auth.oauth.provider' required=True string='Provider'
  • pwd Char
    readonly=True related='provider_id.superuser_pwd'
  • user Char
    readonly=True related='provider_id.superuser'
Public methods (0)

No public methods.

New fields (0)

No new fields.

Public methods (1)
  • button_sync(self)
    @api.multi
    Sync Keycloak users w/ Odoo users. 1. get a token 2. retrieve ALL users 3. find matching Odoo users 4. update them w/ their own Keycloak ID 5. get back to filtered list of updated users

New fields (5)
  • client_secret Char
  • superuser Char
    help='A super power user that is able to CRUD users on KC.' placeholder='admin' required=False
  • superuser_pwd Char
    help='"Superuser" user password' placeholder='I hope is not "admin"' required=False
  • users_endpoint Char
    help='User endpoint' placeholder='http://keycloak.mycompany.com/auth/admin/realms/{realm}/users' required=False
  • users_management_enabled Boolean
    compute='_compute_users_management_enabled'
Public methods (0)

No public methods.

New fields (0)

No new fields.

Public methods (1)
  • button_push_to_keycloak(self, vals)
    @api.multi
    Quick action to push current users to Keycloak.
REPOSITORY
REPOSITORYOCA/server-auth
GIT
GIThttps://github.com/OCA/server-auth.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-auth/tree/9.0/auth_keycloak
VERSION
VERSION 1.0.0
CATEGORY
CATEGORYTools
LICENSE
LICENSEAGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSOdoo Community Association (OCA), Camptocamp
MAINTAINERS
MAINTAINERSOdoo Community Association (OCA), Camptocamp
COMMITTERS
COMMITTERSAlexandre Fayolle, Akim Juillerat, OCA Transbot, oca-travis, OCA-git-bot
WEBSITE
WEBSITEhttps://github.com/OCA/server-auth
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:15:19
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - auth_oauth
    - base
    - web
    - base_setup
    - web_kanban
    - auth_signup
    - mail
    - bus
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES Not have
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (4)
XML IDNameModelTypeStatus
auth_keycloak_create_wiz auth.keycloak.create.wiz.form auth.keycloak.create.wiz form New
auth_keycloak_sync_wiz auth.keycloak.sync.wiz.form auth.keycloak.sync.wiz form New
view_oauth_provider_form auth.oauth.provider.form auth.oauth.provider field Inherits auth_oauth.view_oauth_provider_form
view_users_form keycloack res.users.form res.users header Inherits base.view_users_form
Models touched (5)

New fields (1)
  • user_ids Many2many → res.users
    comodel_name='res.users' default=<expr>
Public methods (1)
  • button_create_user(self)
    @api.multi
    Create users on Keycloak. 1. get a token 2. loop on given users 3. push them to Keycloak if: a. missing on Keycloak b. they do not have an Oauth UID already 4. brings you to update users list

New fields (6)
  • endpoint Char
    readonly=True related='provider_id.users_endpoint'
  • login_match_key Selection
    default='username:login' help="Keycloak user field to match users' login." selection=[('username:login', 'username'), ('email:partner_id.email', 'email')]
  • management_enabled Boolean
    readonly=True related='provider_id.users_management_enabled'
  • provider_id Many2one → auth.oauth.provider
    comodel_name='auth.oauth.provider' required=True string='Provider'
  • pwd Char
    readonly=True related='provider_id.superuser_pwd'
  • user Char
    readonly=True related='provider_id.superuser'
Public methods (0)

No public methods.

New fields (0)

No new fields.

Public methods (1)
  • button_sync(self)
    @api.multi
    Sync Keycloak users w/ Odoo users. 1. get a token 2. retrieve ALL users 3. find matching Odoo users 4. update them w/ their own Keycloak ID 5. get back to filtered list of updated users

New fields (5)
  • client_secret Char
  • superuser Char
    help='A super power user that is able to CRUD users on KC.' placeholder='admin' required=False
  • superuser_pwd Char
    help='"Superuser" user password' placeholder='I hope is not "admin"' required=False
  • users_endpoint Char
    help='User endpoint' placeholder='http://keycloak.mycompany.com/auth/admin/realms/{realm}/users' required=False
  • users_management_enabled Boolean
    compute='_compute_users_management_enabled'
Public methods (0)

No public methods.

New fields (0)

No new fields.

Public methods (1)
  • button_push_to_keycloak(self, vals)
    @api.multi
    Quick action to push current users to Keycloak.
REPOSITORY
REPOSITORYOCA/server-auth
GIT
GIThttps://github.com/OCA/server-auth.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-auth/tree/8.0/auth_keycloak
VERSION
VERSION 1.0.0
CATEGORY
CATEGORYTools
LICENSE
LICENSEAGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSOdoo Community Association (OCA), Camptocamp
MAINTAINERS
MAINTAINERSOdoo Community Association (OCA), Camptocamp
COMMITTERS
COMMITTERSAlexandre Fayolle, Akim Juillerat, OCA Transbot, oca-travis, OCA-git-bot
WEBSITE
WEBSITEhttps://github.com/OCA/server-auth
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:11:21
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - auth_oauth
    - base
    - web
    - base_setup
    - web_kanban
    - auth_signup
    - email_template
    - mail
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES Not have
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (4)
XML IDNameModelTypeStatus
auth_keycloak_create_wiz auth.keycloak.create.wiz.form auth.keycloak.create.wiz form New
auth_keycloak_sync_wiz auth.keycloak.sync.wiz.form auth.keycloak.sync.wiz form New
view_oauth_provider_form auth.oauth.provider.form auth.oauth.provider field Inherits auth_oauth.view_oauth_provider_form
view_users_form keycloack res.users.form res.users xpath Inherits base.view_users_form
Models touched (5)

New fields (1)
  • user_ids Many2many → res.users
    comodel_name='res.users' default=<expr>
Public methods (1)
  • button_create_user(self)
    @api.multi
    Create users on Keycloak. 1. get a token 2. loop on given users 3. push them to Keycloak if: a. missing on Keycloak b. they do not have an Oauth UID already 4. brings you to update users list

New fields (6)
  • endpoint Char
    readonly=True related='provider_id.users_endpoint'
  • login_match_key Selection
    default='username:login' help="Keycloak user field to match users' login." selection=[('username:login', 'username'), ('email:partner_id.email', 'email')]
  • management_enabled Boolean
    readonly=True related='provider_id.users_management_enabled'
  • provider_id Many2one → auth.oauth.provider
    comodel_name='auth.oauth.provider' required=True string='Provider'
  • pwd Char
    readonly=True related='provider_id.superuser_pwd'
  • user Char
    readonly=True related='provider_id.superuser'
Public methods (0)

No public methods.

New fields (0)

No new fields.

Public methods (1)
  • button_sync(self)
    @api.multi
    Sync Keycloak users w/ Odoo users. 1. get a token 2. retrieve ALL users 3. find matching Odoo users 4. update them w/ their own Keycloak ID 5. get back to filtered list of updated users

New fields (5)
  • client_secret Char
  • superuser Char
    help='A super power user that is able to CRUD users on KC.' placeholder='admin' required=False
  • superuser_pwd Char
    help='"Superuser" user password' placeholder='I hope is not "admin"' required=False
  • users_endpoint Char
    help='User endpoint' placeholder='http://keycloak.mycompany.com/auth/admin/realms/{realm}/users' required=False
  • users_management_enabled Boolean
    compute='_compute_users_management_enabled'
Public methods (0)

No public methods.

New fields (0)

No new fields.

Public methods (1)
  • button_push_to_keycloak(self, vals)
    @api.multi
    Quick action to push current users to Keycloak.
STATUS
STATUSOpen migration PR - not merged yet for this version
REPOSITORY
REPOSITORYOCA/server-auth
PULL REQUEST
PULL REQUEST[16.0][MIG] auth_keycloak (#900)