Introduction
We use Keycloak as our SSO (Single Sign-On) provider for authentication and user management across all internal services.
You can assign user roles and manage access via the Keycloak admin panel.
This section covers how to:
- Add and manage users in SSO
- Set up projects for new team members
- Assign roles and permissions in SSO
Use this folder as a quick reference for all admin-related tasks.
Accessing Keycloak Admin
-
Go to the Keycloak Admin Panel:
https://sso.queenofgaya.com/ -
Log in with your admin credentials.
-
From the top-left realm dropdown, select:
Witty
Keycloak Groups
ℹ️ Note: Groups in Keycloak are used to auto-assign roles and permissions across internal services like Gerrit, Jenkins, etc
Below is a quick reference of the default groups and what access they provide:
| Group | Permissions Description |
|---|---|
developer | Can access Jenkins, Gerrit (push, pull, create) |
reviewer | Can review & merge in Gerrit |
gerrit-admin | Full control over Gerrit repositories and group-level permissions |
jenkins-admin | Full control over Jenkins repositories and group-level permissions |