前提：電腦已經安裝Java 17+?

1、下載Keycloak

2、下載完后解壓縮，使用文本編輯器修改配置文件（keycloak/conf/keycloak.conf）

# Basic settings for running in production. Change accordingly before deploying the server.

# Database

# The database vendor.
#db=postgres
db=mysql

# The username of the database user.
db-username=root

# The password of the database user.
db-password=123456

# The full database JDBC URL. If not provided, a default URL is set based on the selected database vendor.
#db-url=jdbc:postgresql://localhost/keycloak
db-url=jdbc:mysql://localhost:3306/keycloak

# Observability

# If the server should expose healthcheck endpoints.
health-enabled=true

# If the server should expose metrics endpoints.
metrics-enabled=true

# HTTP

# The file path to a server certificate or certificate chain in PEM format.
#https-certificate-file=${kc.home.dir}/conf/server.crt.pem

# The file path to a private key in PEM format.
#https-certificate-key-file=${kc.home.dir}/conf/server.key.pem

# The proxy address forwarding mode if the server is behind a reverse proxy.
#proxy=reencrypt

# Do not attach route to cookies and rely on the session affinity capabilities from reverse proxy
#spi-sticky-session-encoder-infinispan-should-attach-route=false

# Hostname for the Keycloak server.
hostname=localhost
?

3、在命令窗口cd到解壓后的keycloak目錄，然后使用下面的指令創建一個臨時的管理員賬號

bin/kc.sh bootstrap-admin user

4、根據提示輸入用戶名和密碼，密碼隨便設，臨時賬號后面還要刪掉

5、啟動keycloak服務

bin/kc.sh start-dev --http-port 8181

6、啟動成功會看到下面的信息

Keycloak 26.3.1 on JVM (powered by Quarkus 3.20.1) started in 35.660s. Listening on: http://0.0.0.0:8181.?

7、在瀏覽器輸入

http://localhost:8181

8、使用剛剛輸入的臨時賬號密碼登錄，進入用戶頁面添加新用戶

9、添加用戶后在 Credentials 頁面設置密碼

10、在 Role mapping 頁面分配權限

11、退出臨時管理賬號，使用剛剛創建的賬號登錄，頂部就不會顯示下面這段英文了

You are logged in as a temporary admin user. To harden security, create a permanent admin account and delete the temporary one.?

12、刪除臨時賬號