diff --git a/docker-compose.yml b/docker-compose.yml
index 499a967..77518b4 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -154,6 +154,8 @@ services:
                 -Drepo.port=8080
                 -Ddw.server.applicationConnectors[0].type=http
                 -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=80
+                -Didentity-service.auth-server-url=${IDENTITY_SERVICE_BASEURL}/auth
+                -Didentity-service.resource=acs-sync
                 "
         depends_on:
             - postgres-acs
@@ -166,6 +168,12 @@ services:
             BASE_PATH: ./
             APP_CONFIG_ECM_HOST: "${PROXY_PROTOCOL}://${PROXY_HOST}:${PROXY_PORT}"
             APP_BASE_SHARE_URL: "${PROXY_PROTOCOL}://${PROXY_HOST}:${PROXY_PORT}/#/preview/s"
+            APP_CONFIG_AUTH_TYPE: OAUTH
+            APP_CONFIG_OAUTH2_HOST: "${IDENTITY_SERVICE_BASEURL}/auth/realms/alfresco"
+            APP_CONFIG_OAUTH2_CLIENTID: alfresco
+            APP_CONFIG_OAUTH2_IMPLICIT_FLOW: "true"
+            APP_CONFIG_OAUTH2_REDIRECT_LOGIN: "/workspace/"
+            APP_CONFIG_OAUTH2_REDIRECT_LOGOUT: "/workspace/logout"
 
     identity:
         image: alfresco/alfresco-identity-service:1.3
diff --git a/keycloak-alfresco-realm.json b/keycloak-alfresco-realm.json
index 43cb8ae..ecf4e74 100644
--- a/keycloak-alfresco-realm.json
+++ b/keycloak-alfresco-realm.json
@@ -42,6 +42,24 @@
       "attributes": {
         "login_theme": "alfresco"
       }
+    },
+    {
+      "clientId": "acs-sync",
+      "name": "Alfresco Sync Service Clients",
+      "enabled": true,
+      "alwaysDisplayInConsole": false,
+      "redirectUris": [
+        "http://127.0.0.1*",
+        "http://localhost*"
+      ],
+      "standardFlowEnabled": true,
+      "implicitFlowEnabled": false,
+      "directAccessGrantsEnabled": false,
+      "publicClient": true,
+      "protocol": "openid-connect",
+      "attributes": {
+        "login_theme": "alfresco"
+      }
     }
   ],
   "requiredCredentials": [ "password" ],