Monitor your Keycloak protected application with SpringBoot Actuator

Spring Boot Actuator provides number of features to monitor and manage your applications. Actuator includes a number of built-in endpoints to monitor, gather metrics and controls your application. You can use HTTP endpoints to interact with it. For example, the health endpoint provides basic application health information.

In this article, we’ll look into how to extend the httptrace endpoint for capturing content, authenticated user, his roles and tracing of the REST calls. In this article our application is protected by Keycloak.

Keycloak and Spring Boot

Keycloak is an open-source Identity and Access Management (IAM) solution aimed at modern applications and services. Keycloak provides out-of-the-box authentication and authorization services as well as advanced features like User Federation, Identity Brokering, and Social Login

Keycloak Client Adapters makes it really easy to secure applications and services. The Client Adapter is available for a number of platforms and programming languages. There are adapters for JBoss EAP/Wildfly, Spring Boot, Angular, NodeScript, and JavaScript.

We’ll write a RESTful service with SpringBoot and then secure it with Keycloak. Springboot Acuator provides built-in endpoint for tracing HTTP calls. We will then extend httptrace endpoint to capture content, authenticated user, his roles and tracing of the REST calls. Before looking at application…