https://blog.devops-monk.com/tags/keycloak/Recent content in Keycloak on Devops MonkHugoen-usSat, 23 May 2026 00:00:00 +0000https://blog.devops-monk.com/tutorials/testcontainers/keycloak-oauth2-testing/Sat, 23 May 2026 00:00:00 +0000https://blog.devops-monk.com/tutorials/testcontainers/keycloak-oauth2-testing/Testing Spring Security with @WithMockUser and SecurityMockMvcRequestPostProcessors.jwt() verifies that your authorization annotations are wired correctly, but it does not test JWT validation, token signing algorithms, issuer URL verification, or clock skew handling. These require a real OAuth2 provider. KeycloakContainer runs a real Keycloak instance in Docker, giving you a complete OIDC server for integration tests. What You’ll Learn KeycloakContainer setup from the community module Importing a Keycloak realm for tests Retrieving JWT access tokens programmatically Testing protected endpoints with real JWTs Testing role-based access control (RBAC) Testing token expiry and refresh flows Dependencies KeycloakContainer is not in the Testcontainers core library.