kcwarden checks your Keycloak configuration for common misconfigurations and security vulnerabilities.
Install it with pip:
pip install kcwarden
For details and other methods, see our documentation.
Download your Keycloak's config:
kcwarden download --realm "$REALM" --user admin --output config.json "$KEYCLOAK_BASE_URL"
and run the checks against it:
kcwarden audit config.json
For more information, see the documentation on the project website.