From e1318d52d7ce8052a198c425ca773d1d5ba7aef8 Mon Sep 17 00:00:00 2001 From: Alexander Schwartz Date: Wed, 2 Mar 2022 12:50:09 +0100 Subject: [PATCH] Add section on how to add the initial admin user Closes #10531 Co-authored-by: Dominik Guhr <89905860+DGuhr@users.noreply.github.com> --- docs/guides/src/main/server/configuration.adoc | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/docs/guides/src/main/server/configuration.adoc b/docs/guides/src/main/server/configuration.adoc index 4931513e64b..49275a91b17 100644 --- a/docs/guides/src/main/server/configuration.adoc +++ b/docs/guides/src/main/server/configuration.adoc @@ -154,6 +154,14 @@ is needed for deploying Keycloak in production. By default, the configuration options for the production mode are commented out in the `conf/keycloak.conf`. These examples are meant to give you an idea about the main settings to consider when running in production. +== Setup of the initial admin user + +The initial admin user can be added manually using the web frontend when accessed from localhost or automatically using environment variables. + +To add the initial admin user using environment variables, set `KEYCLOAK_ADMIN` for the initial admin username and `KEYCLOAK_ADMIN_PASSWORD` for the initial admin password. +Keycloak uses them at the first startup to create an initial user with administration rights. +Once the first user with administrative rights exists, you can use the UI or the command line tool `kcadm.[sh|bat]` to create additional users. + == Unsupported server options In most cases, the available options from the server configuration should suffice to configure the server.