Skip to content

Changing Passwords and Keys¤

This page describes how to change passwords and keys for a new deployment (esp. in the context of a Single Node Cloud Installation).

Assuming your instance runs at in a default installation Keycloak is deployed at (this may vary depending on your setup).

This is your starting page:


Change credentials of Keycloak admin account¤

To change the admin user’s password go to “Administration Console” and login with username/password admin/admin

In the upper right corner go to “Manage account”


In the “Account Security” field go to “Signing In”


Click on update in “Basic Authentication” to set a new admin password for :


Set a new password.

Change credentials of cmem-service-account¤

Make sure the realm Cmem is selected, go to Clients in left sidebar and edit cmem-service-account:


Switch to “Credentials” tab and press “Regenerate Secret” Button.


Change credentials of user accounts¤

In default configuration, there are two users: user and admin. Both are configured with different groups to have different permissions inside Corporate Memory.

To change the default passwords, select the Cmem Realm and open Users in the left sidebar:



Then, select “View all users” and choose an account you want to change the password for (we start with admin)


Here you can change the password and unselect Temporary. Then press “Reset Password”


Now proceed with the other account(s).



This step is applicable only in case your deployment is based on the Single Node Cloud Installation.

In order to persist this setup go back to your terminal inside the installation directory.

The following make targets will create a database dump, store it in data/backups/keycloak/latest.sql and replace the initial database dump conf/postgres/docker-entrypoint-initdb.d/keycloak_db.sql.

make keycloak-backup keycloak-restore