...
Keycloak version 11.0.3 is used.
General
Keycloak comes with the so-called 'master' realm by default, which governs all other realms ('sub-realms'). It is for administrative purposes.
To allow 'normal' users to authenticate, a new realm should be created (for any given application / as needed) to separate concerns.
If an admin needs access to sub-realms, he should authenticate against the master realm, receive a token, and can then proceed to access the sub-realms.
For further information about keycloak, see the documentation.
Setup
Following, the two ways to setup keycloak are discussed. To be able to automate the process, a bash script was written.
...
The bash script will pull the correct docker container, start it with admin/username set to 'admin', import the 'onap' realm and 'odlux.app' client, create default users in accordance with User management, and set their roles.
Further setup
Before you go and run Keycloak in production there are a few more things that you will want to do, including:
Switch to a production ready database such as PostgreSQL
Configure SSL with your own certificates
Switch the admin password to a more secure password
Quoted from: [https://www.keycloak.org/getting-started/getting-started-docker]
Known problems - change secret of client / automated creation
...