Integrate Seamlessly with HR Systems and National Identity Sources

Keep your identity data up-to-date and complete—by syncing real-time from HRMS platforms, e-Government sources, and national registries.

Real-Time Sync from HR Systems and Public Identity Sources

Why It Matters

For public sector and enterprise IAM systems, identity data does not originate in isolation. Users, their roles, titles, departments, and organizations already exist in:

Keymate helps unify these data sources by providing: Connector SPIs for real-time sync, Event-based updates using Integration Hub, Attribute mappers into Keycloak or Keymate user model, Delegation and role enrichment for fine-grained access.

Key Components:

HR systems (SAP, Oracle, Workday, custom platforms)

Government registries (MERNIS, MERSIS, KPS, e-Tebligat)

Directories (LDAP, AD)

Trusted Sources Feed Identity and Role Context

Use Cases: Auto-create users in IAM when hired in HRMS, Enrich token with official job title, unit, and delegated access, Revoke access instantly if HRMS status changes, Populate organization hierarchy from government registry.

Key Components:

HRMS or e-Gov system sends updates via Kafka or REST

Integration Hub parses, validates, and enriches the event

User profile or org structure in Keymate is updated

Custom mappers sync relevant fields into Keycloak

Resulting token/session reflects the latest trusted context

Integration Highlights

HRMS Connectors

Built-in integration with modern HR platforms (via EventHub)

e-Gov Registry Sync

Connectors for KPS, MERNIS, MERSIS, e-Tebligat systems

Dynamic Attribute Mapping

Push job title, department, or citizenship into user profile

Auditable Updates

All updates are event-based and traceable

Delegation-Aware Sync

Assign roles or elevate permissions based on registry context

Keycloak Integration

All syncs optionally mapped into Keycloak user attributes

Frequently Asked Questions

Any system that can emit user or org events via Kafka, REST, or file—SAP, Oracle, custom-built, etc.

Yes. REST and polling-based integrations are possible but not recommended for real-time sync.

All incoming data passes through validation logic in Integration Hub before it updates IAM state.

No. While designed for gov use cases, it works with any external identity source—public or private.

How to Use This Integration

Implementation Steps

Configure EventHub to receive messages from HRMS/e-Gov systems

Enable the appropriate Connector SPI (HRMS, KPS, etc.)

Map relevant attributes into Keymate user/org models

Use enrichers to reflect these fields in tokens and sessions

Monitor with observability stack (Kafka, SigNoz, logs)

ELEVATE YOUR IAM STRATEGY

Ready to Transform Your Keycloak Experience?

Implement fine-grained authorization, multi-tenant infrastructure, and comprehensive security policies with Keymate — built on the Keycloak foundation you already trust.