diff --git a/supabase/config.toml b/supabase/config.toml
index 14e066b..a066441 100644
--- a/supabase/config.toml
+++ b/supabase/config.toml
@@ -269,6 +269,14 @@ url = ""
 # If enabled, the nonce check will be skipped. Required for local sign in with Google auth.
 skip_nonce_check = false
 
+[auth.external.keycloak]
+enabled = true
+client_id = "supabase"
+secret = "env(SUPABASE_AUTH_KEYCLOAK_SECRET)" # We'll configure this in the next step!
+redirect_uri = "https://test.medreport.ee/auth/v1/callback"
+url = "https://keycloak.medreport.ee/realms/mrb2b"
+skip_nonce_check = false
+
 # Use Firebase Auth as a third-party provider alongside Supabase Auth.
 [auth.third_party.firebase]
 enabled = false