Connects Claude to Keycloak's Admin REST API using service account authentication, so you can search users, reset passwords in bulk from CSV, track login events by IP or client, and monitor brute force attempts without touching user sessions or the userinfo endpoint. The tools cover the morning patrol basics: active sessions, login stats bucketed by hour or client, admin event history for tracking attribute changes, and a daily brief that flags IPs over your failure threshold. Helpful if you're managing a Keycloak realm and want conversational access to user counts, group membership, password update logs, and session kills without writing scripts or clicking through the admin console. Optional site labeling maps IP ranges to human readable location tags.
claude mcp add --transport stdio shigechika-keycloak-mcp -- uvx keycloak-mcp