n8n-nodes-keycloak-password
v0.4.0
Published
n8n community node + credential to log in to a Keycloak-protected app using the OpenID Connect password grant
Maintainers
Readme
n8n-nodes-keycloak-password
An n8n community node + credential for calling APIs that sit behind Keycloak, authenticating with the OpenID Connect password grant (Resource Owner Password Credentials).
It replaces the manual login.py token request: the credential stores the form
values securely (n8n encrypts secret fields at rest), and the node posts them to the
token endpoint you configure, returning the token response.
What's included
- Credential
Keycloak Password API— securely stores the keys posted to the token endpoint: Grant Type, Client ID, Client Secret, Username, Password and Scope. - Node
Keycloak HTTP Request— set the token endpoint in the URL field; the node sends the stored credential values asapplication/x-www-form-urlencodedand returns the JSON response.
Credential fields
| Field | Notes |
| --- | --- |
| Grant Type | Defaults to password |
| Client ID | The Keycloak client |
| Client Secret | (empty for a public client) |
| Username | your service account |
| Password | your service account password |
| Scope | Defaults to openid |
Build & install locally
npm install
npm run build # n8n-node build (compiles TS + copies icons)
npm run dev # or: run a local n8n with the node hot-linked
# manual link into your n8n custom folder
mkdir -p ~/.n8n/custom
cd ~/.n8n/custom && npm link n8n-nodes-keycloak-password # after `npm link` in this repoRestart n8n, then add the Keycloak Password API credential and use the Keycloak HTTP Request node — paste your token endpoint into the node's URL field.
Security notes
- Secrets are entered as password fields and encrypted by n8n's credential store.
- Do not commit real secrets.
login.pyis gitignored. - The password grant is fine for trusted server-to-server / service-account logins, which is this node's use case.
