Full Stack (Docker)
This guide provides the minimal steps to get our full software stack running locally for development and testing purposes. Choose the deployment option that matches your needs:
- Local deployment: Run everything on your local machine for development and testing
- Domain deployment: Deploy to a server with a public domain behind an SSL-terminating proxy
This quick setup guide is designed for development and testing environments only. The configurations provided are not hardened for production use and require additional security measures before being exposed to external networks or the internet. For production deployment guidance, please contact your implementation team.
Prerequisites
- Docker installed on your local machine
- Deployment credentials and files (provided by your implementation team):
- Container registry login command with credentials (
docker login -u ...) - Docker Compose configuration file
- Environment and configuration files
- Container registry login command with credentials (
1. Log in to Docker
Use the provided credentials to log in to Docker.
docker login -u [username] -p [password] [registry-url].azurecr.io
2. Pull the images
docker compose pull # could be `docker-compose pull` depending on your docker version
3. Choose your deployment
Option A: Local deployment
Configure local domain resolution
Your deployment uses service names, like keycloak, that need to resolve
to your local machine. The /hosts file tells your computer how to resolve
domain names locally, before it asks DNS servers.
Open your hosts file:
sudo vim /etc/hosts # You may need to input your system password to open the file
Add the following line:
127.0.0.1 keycloak
Save and exit the editor.
Now your computer will redirect keycloak to localhost instead of looking
for it on the internet.
Need help editing in vim?
Press
oto create a new line and enter insert modeType:
127.0.0.1 keycloakPress
Escto exit insert modeType
:wqand press Enter to save and quit
Quick reference:
o= new line + insert modeEsc= exit insert mode:wq= save and quit:q!= quit without saving
Start services
docker compose up -d
This command starts all services in detached mode. The first startup may take a few minutes as services initialize and discover each other. If you see errors related to OIDC configuration discovery, wait a minute or two and try accessing the application again.
Access your application
Your full stack is now running! Access the application at http://localhost and login with these test credentials:
- username:
example_user - password:
example_password
See 4. Create your first organization for the final step.
Option B: Domain deployment (behind SSL-terminating proxy)
Use this option if you're deploying to a server with a public domain behind an SSL-terminating proxy (for example, Traefik, nginx, or Caddy).
The provided configuration in /docker_compose_behind_ssl_proxy is ready
to run as-is. However, if you modify environment variables or configuration
files to match your specific domain and infrastructure, ensure those changes
align with your proxy and DNS setup. OIDC-related variables are set to the
provided Keycloak export realm configuration.
Start services
docker compose up -d
This command starts all services in detached mode. The first startup may take a few minutes as services initialize and discover each other. If you see errors related to OIDC configuration discovery, wait a minute or two and try accessing the application again.
Configure Keycloak for your domain
The provided Keycloak configuration is set up for localhost. After services start, adjust the following settings in Keycloak to match your domain:
- "Valid redirect URIs"
- "Valid post logout redirect URIs"
Access your application
Access the application at your configured domain using the test credentials:
- username:
example_user - password:
example_password
See 4. Create your first organization for the final step.
4. Create your first organization
Create your first organization to get started:
- Click "Organizations" in the left sidebar
- Click "+ New organization"
- Enter "First Organization" for the organization name
- Choose the Applications (keep "Issuer", "Verifier", and "Holder" checked)
- Click "Next step" → "Save"
Once your first organization is created, refresh the page. It may take a few moments before your chosen applications become available. As soon as your chosen applications become available, use the Desk Quick Start Guide to familiarize yourself with the basic operations.