I am using Keycloak import strategy were I am importing Realm from JSON files. For OIDC clients there is no problem, I can configure ENV variable and replace placeholders for secret and all sensitive data per environment.
But now I have to import SAML protocol client, and there are: saml.signing.certificate saml.signing.private.key
which needs to be different per environment. And when I created client on UI in test purposes, I got generated values, but now from my JSON import file, how I can generate values and have them in exposed as ENV vars or auto-created like creating from UI?
I tried to import it completely without any key:value pair hopping that Keycloak will import them, but nothing happened, there is no values generated.
But when we crate client from UI we also do not define values but values are present.
Any ideas?
Hey! I didn’t, but in my case SAML IDPs are used by very specific client that will anyway have dedicated Realm, so I decided to manage it via UI since there is no changes. My main realm still uses import strategy where I have most updates, and good thing is that if Keycloak import strategy is enabled it will affect only realms that you have specified in your realm JSONs folder.
So if you have “realm1”, import strategy enabled, and redeploy Keycloak
On ENV “realm1” will be overwrited as expected, but “realm2” will not be affected at all since you don’t have it in your import folder.
So this is a way working for me, but the question that I have asked, I guess it is not possible, or try first to create a client, then copy values and try to import it and play with it idk …
