diff --git a/doc/source/contributor/configuration.rst b/doc/source/contributor/configuration.rst
index c9579d089..9d5aff4cb 100644
--- a/doc/source/contributor/configuration.rst
+++ b/doc/source/contributor/configuration.rst
@@ -11,6 +11,7 @@ General
    resource-state-config
    alarm-severity-config
    profiler-config
+   keycloak-config
 
 
 Datasources
diff --git a/doc/source/contributor/keycloak-config.rst b/doc/source/contributor/keycloak-config.rst
new file mode 100644
index 000000000..8faf1e734
--- /dev/null
+++ b/doc/source/contributor/keycloak-config.rst
@@ -0,0 +1,28 @@
+==================
+Configure Keycloak
+==================
+
+Overview
+========
+
+`Keycloak`_, is an open source Identity and Access Management solution aimed at modern applications and services.
+It can be used as an authentication service instead of keystone.
+
+.. _Keycloak: http://www.keycloak.org
+
+Configuration
+=============
+
+Keycloak must be enabled **explicitly** in Vitrage configuration file
+The default authentication mode is keystone::
+
+    [api]
+    auth_mode = keycloak
+
+    [keycloak]
+    auth_url = http://<Keycloak-server-host>:<Keycloak-server-port>/auth
+    insecure = False
+
+
+- ``auth_url`` url of the Keycloak server defaults to ``http://127.0.0.1:9080/auth``
+- ``insecure`` If True, SSL/TLS certificate verification is disabled defaults to ``False``
\ No newline at end of file