diff --git a/components/management-controller/.gitignore b/components/management-controller/.gitignore
index 67974c3..11ed95f 100644
--- a/components/management-controller/.gitignore
+++ b/components/management-controller/.gitignore
@@ -4,3 +4,5 @@ app
 npm-debug.log*
 .DS_store
 .idea
+
+keycloak.json
\ No newline at end of file
diff --git a/components/management-controller/keycloak.json b/components/management-controller/keycloak.json
new file mode 100644
index 0000000..f77f17d
--- /dev/null
+++ b/components/management-controller/keycloak.json
@@ -0,0 +1,8 @@
+{
+ "realm": "keycloak realm",
+ "auth-server-url": "keycloak url",
+ "ssl-required": "external",
+ "resource": "keycloak client ID",
+ "public-client": true,
+ "confidential-port": 0
+}
diff --git a/yaml/keycloak-config.yaml b/yaml/keycloak-config.yaml
new file mode 100644
index 0000000..4d536e1
--- /dev/null
+++ b/yaml/keycloak-config.yaml
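Review bot: The new `keycloak.json` ignore entry has no effect on the file this commit adds, because components/management-controller/keycloak.json is committed as a tracked file in the next hunk and .gitignore only applies to untracked paths. A developer who replaces the placeholder realm, URL and client ID with real deployment values will still see the file as modified and can commit those values by accident. If the intent is "ship a template, keep local edits out of history", commit the template under a different name (for example `keycloak.example.json`, a suggested name) and leave `keycloak.json` itself untracked. The new .gitignore line also lacks a trailing newline, as the `\ No newline at end of file` marker shows.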
@@ -0,0 +1,79 @@
+apiVersion: v1
+kind: Service
+metadata:
+ annotations:
+ description: keycloak service
+ labels:
+ application: 'keycloak'
+ name: 'keycloak'
+spec:
+ ports:
+ - port: 8080
+ targetPort: 8080
+ selector:
+ app: 'keycloak'
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ labels:
+ application: 'keycloak'
+ name: 'keycloak'
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: 'keycloak'
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ application: 'keycloak'
+ app: 'keycloak'
+ spec:
+ containers:
+ - env:
+ - name: KEYCLOAK_ADMIN
+ value: 'admin'
+ - name: KEYCLOAK_ADMIN_PASSWORD
+ value: 'admin'
+ - name: KC_PROXY
+ value: 'edge'
+ - name: KC_DB
+ value: postgres
+ - name: KC_DB_URL
+ value: 'jdbc:postgresql://postgres/studiodb'
+ - name: KC_DB_USERNAME
+ value: 'access'
+ - name: KC_DB_PASSWORD
+ value: 'password'
+ image: quay.io/keycloak/keycloak:24.0.4
+ livenessProbe:
+ failureThreshold: 300
+ httpGet:
+ path: /
+ port: 8080
+ scheme: HTTP
+ initialDelaySeconds: 120
+ name: 'keycloak'
+ ports:
+ - containerPort: 8080
+ protocol: TCP
+ readinessProbe:
+ failureThreshold: 300
+ httpGet:
+ path: /
+ port: 8080
+ scheme: HTTP
+ initialDelaySeconds: 120
+ securityContext:
+ privileged: false
+ volumeMounts:
+ - mountPath: /opt/keycloak/data
+ name: empty
+ args: ["start-dev"]
+ volumes:
+ - name: empty
+ emptyDir: {}
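Review bot: The Keycloak bootstrap admin and database credentials are hard-coded as literal `value:` entries in the container env (`KEYCLOAK_ADMIN` / `KEYCLOAK_ADMIN_PASSWORD` both `'admin'`, `KC_DB_PASSWORD` set to `'password'`), so they are readable by anyone with access to the repository or to the Deployment object, and the identity provider comes up with a default admin login. These should be sourced from a Kubernetes Secret through `valueFrom.secretKeyRef`, as sketched below with a placeholder Secret name and keys. The same container is started with `args: ["start-dev"]`, which is Keycloak's development mode; if this manifest is meant for anything beyond local testing, it should run `start` with explicit hostname and TLS settings. The liveness and readiness probes with `failureThreshold: 300` against `/` will also tolerate a very long outage before acting, which is worth revisiting together with the start mode.

```yaml
# … unchanged: Service, Deployment metadata, selector, strategy …
      containers:
        - env:
            - name: KEYCLOAK_ADMIN
              valueFrom:
                secretKeyRef:
                  name: keycloak-credentials   # placeholder: Secret created outside this manifest
                  key: admin-username          # placeholder key
            - name: KEYCLOAK_ADMIN_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: keycloak-credentials   # placeholder
                  key: admin-password          # placeholder key
            # … unchanged: KC_PROXY, KC_DB, KC_DB_URL …
            - name: KC_DB_USERNAME
              valueFrom:
                secretKeyRef:
                  name: keycloak-credentials   # placeholder
                  key: db-username             # placeholder key
            - name: KC_DB_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: keycloak-credentials   # placeholder
                  key: db-password             # placeholder key
# … unchanged: image, probes, ports, securityContext, volumes …
```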