diff --git a/docs/resources/realm_keystore_aes_generated.md b/docs/resources/realm_keystore_aes_generated.md
index e0515422..277c5f0c 100644
--- a/docs/resources/realm_keystore_aes_generated.md
+++ b/docs/resources/realm_keystore_aes_generated.md
@@ -31,6 +31,7 @@ resource "keycloak_realm_keystore_aes_generated" "keystore_aes_generated" {
 
 - `name` - (Required) Display name of provider when linked in admin console.
 - `realm_id` - (Required) The realm this keystore exists in.
+- `internal_realm_id` - (Optional) The internal id for the realm, if the realm is imported into Terraform. This is not relevant for realms created through Terraform.
 - `enabled` - (Optional) When `false`, key is not accessible in this realm. Defaults to `true`.
 - `active` - (Optional) When `false`, key in not used for signing. Defaults to `true`.
 - `priority` - (Optional) Priority for the provider. Defaults to `0`
diff --git a/docs/resources/realm_keystore_ecdsa_generated.md b/docs/resources/realm_keystore_ecdsa_generated.md
index 77c05838..dd866a1e 100644
--- a/docs/resources/realm_keystore_ecdsa_generated.md
+++ b/docs/resources/realm_keystore_ecdsa_generated.md
@@ -31,6 +31,7 @@ resource "keycloak_realm_keystore_ecdsa_generated" "keystore_ecdsa_generated" {
 
 - `name` - (Required) Display name of provider when linked in admin console.
 - `realm_id` - (Required) The realm this keystore exists in.
+- `internal_realm_id` - (Optional) The internal id for the realm, if the realm is imported into Terraform. This is not relevant for realms created through Terraform.
 - `enabled` - (Optional) When `false`, key is not accessible in this realm. Defaults to `true`.
 - `active` - (Optional) When `false`, key in not used for signing. Defaults to `true`.
 - `priority` - (Optional) Priority for the provider. Defaults to `0`
diff --git a/docs/resources/realm_keystore_hmac_generated.md b/docs/resources/realm_keystore_hmac_generated.md
index da6659f8..3f4d140e 100644
--- a/docs/resources/realm_keystore_hmac_generated.md
+++ b/docs/resources/realm_keystore_hmac_generated.md
@@ -32,6 +32,7 @@ resource "keycloak_realm_keystore_hmac_generated" "keystore_hmac_generated" {
 
 - `name` - (Required) Display name of provider when linked in admin console.
 - `realm_id` - (Required) The realm this keystore exists in.
+- `internal_realm_id` - (Optional) The internal id for the realm, if the realm is imported into Terraform. This is not relevant for realms created through Terraform.
 - `enabled` - (Optional) When `false`, key is not accessible in this realm. Defaults to `true`.
 - `active` - (Optional) When `false`, key in not used for signing. Defaults to `true`.
 - `priority` - (Optional) Priority for the provider. Defaults to `0`
diff --git a/docs/resources/realm_keystore_java_keystore.md b/docs/resources/realm_keystore_java_keystore.md
index d422aa3c..f5e5eeca 100644
--- a/docs/resources/realm_keystore_java_keystore.md
+++ b/docs/resources/realm_keystore_java_keystore.md
@@ -36,6 +36,7 @@ resource "keycloak_realm_keystore_java_keystore" "java_keystore" {
 
 - `name` - (Required) Display name of provider when linked in admin console.
 - `realm_id` - (Required) The realm this keystore exists in.
+- `internal_realm_id` - (Optional) The internal id for the realm, if the realm is imported into Terraform. This is not relevant for realms created through Terraform.
 - `keystore` - (Required) Path to keys file on keycloak instance.
 - `keystore_password` - (Required) Password for the keys.
 - `key_alias` - (Required) Alias for the private key.
diff --git a/docs/resources/realm_keystore_rsa.md b/docs/resources/realm_keystore_rsa.md
index 6ebe229e..3656d5b6 100644
--- a/docs/resources/realm_keystore_rsa.md
+++ b/docs/resources/realm_keystore_rsa.md
@@ -36,6 +36,7 @@ resource "keycloak_realm_keystore_rsa" "keystore_rsa" {
 
 - `name` - (Required) Display name of provider when linked in admin console.
 - `realm_id` - (Required) The realm this keystore exists in.
+- `internal_realm_id` - (Optional) The internal id for the realm, if the realm is imported into Terraform. This is not relevant for realms created through Terraform.
 - `private_key` - (Required) Private RSA Key encoded in PEM format.
 - `certificate` - (Required) X509 Certificate encoded in PEM format.
 - `enabled` - (Optional) When `false`, key is not accessible in this realm. Defaults to `true`.
diff --git a/docs/resources/realm_keystore_rsa_generated.md b/docs/resources/realm_keystore_rsa_generated.md
index ed8e7571..d99191d8 100644
--- a/docs/resources/realm_keystore_rsa_generated.md
+++ b/docs/resources/realm_keystore_rsa_generated.md
@@ -32,6 +32,7 @@ resource "keycloak_realm_keystore_rsa_generated" "keystore_rsa_generated" {
 
 - `name` - (Required) Display name of provider when linked in admin console.
 - `realm_id` - (Required) The realm this keystore exists in.
+- `internal_realm_id` - (Optional) The internal id for the realm, if the realm is imported into Terraform. This is not relevant for realms created through Terraform.
 - `enabled` - (Optional) When `false`, key is not accessible in this realm. Defaults to `true`.
 - `active` - (Optional) When `false`, key in not used for signing. Defaults to `true`.
 - `priority` - (Optional) Priority for the provider. Defaults to `0`
diff --git a/keycloak/realm_keystore_aes_generated.go b/keycloak/realm_keystore_aes_generated.go
index ad14c396..aec15924 100644
--- a/keycloak/realm_keystore_aes_generated.go
+++ b/keycloak/realm_keystore_aes_generated.go
@@ -7,9 +7,10 @@ import (
 )
 
 type RealmKeystoreAesGenerated struct {
-	Id      string
-	Name    string
-	RealmId string
+	Id              string
+	Name            string
+	RealmId         string
+	InternalRealmId string
 
 	Active     bool
 	Enabled    bool
@@ -33,10 +34,17 @@ func convertFromRealmKeystoreAesGeneratedToComponent(realmKey *RealmKeystoreAesG
 		},
 	}
 
+	var parentId string
+	if realmKey.InternalRealmId != "" {
+		parentId = realmKey.InternalRealmId
+	} else {
+		parentId = realmKey.RealmId
+	}
+
 	return &component{
 		Id:           realmKey.Id,
 		Name:         realmKey.Name,
-		ParentId:     realmKey.RealmId,
+		ParentId:     parentId,
 		ProviderId:   "aes-generated",
 		ProviderType: "org.keycloak.keys.KeyProvider",
 		Config:       componentConfig,
diff --git a/keycloak/realm_keystore_ecdsa_generated.go b/keycloak/realm_keystore_ecdsa_generated.go
index fb6396ce..5481c0a7 100644
--- a/keycloak/realm_keystore_ecdsa_generated.go
+++ b/keycloak/realm_keystore_ecdsa_generated.go
@@ -7,9 +7,10 @@ import (
 )
 
 type RealmKeystoreEcdsaGenerated struct {
-	Id      string
-	Name    string
-	RealmId string
+	Id              string
+	Name            string
+	RealmId         string
+	InternalRealmId string
 
 	Active        bool
 	Enabled       bool
@@ -33,10 +34,17 @@ func convertFromRealmKeystoreEcdsaGeneratedToComponent(realmKey *RealmKeystoreEc
 		},
 	}
 
+	var parentId string
+	if realmKey.InternalRealmId != "" {
+		parentId = realmKey.InternalRealmId
+	} else {
+		parentId = realmKey.RealmId
+	}
+
 	return &component{
 		Id:           realmKey.Id,
 		Name:         realmKey.Name,
-		ParentId:     realmKey.RealmId,
+		ParentId:     parentId,
 		ProviderId:   "ecdsa-generated",
 		ProviderType: "org.keycloak.keys.KeyProvider",
 		Config:       componentConfig,
diff --git a/keycloak/realm_keystore_hmac_generated.go b/keycloak/realm_keystore_hmac_generated.go
index e1f05a5a..e0d8ea1d 100644
--- a/keycloak/realm_keystore_hmac_generated.go
+++ b/keycloak/realm_keystore_hmac_generated.go
@@ -7,9 +7,10 @@ import (
 )
 
 type RealmKeystoreHmacGenerated struct {
-	Id      string
-	Name    string
-	RealmId string
+	Id              string
+	Name            string
+	RealmId         string
+	InternalRealmId string
 
 	Active     bool
 	Enabled    bool
@@ -37,10 +38,17 @@ func convertFromRealmKeystoreHmacGeneratedToComponent(realmKey *RealmKeystoreHma
 		},
 	}
 
+	var parentId string
+	if realmKey.InternalRealmId != "" {
+		parentId = realmKey.InternalRealmId
+	} else {
+		parentId = realmKey.RealmId
+	}
+
 	return &component{
 		Id:           realmKey.Id,
 		Name:         realmKey.Name,
-		ParentId:     realmKey.RealmId,
+		ParentId:     parentId,
 		ProviderId:   "hmac-generated",
 		ProviderType: "org.keycloak.keys.KeyProvider",
 		Config:       componentConfig,
diff --git a/keycloak/realm_keystore_java_keystore.go b/keycloak/realm_keystore_java_keystore.go
index a280a705..4f730e1a 100644
--- a/keycloak/realm_keystore_java_keystore.go
+++ b/keycloak/realm_keystore_java_keystore.go
@@ -7,9 +7,10 @@ import (
 )
 
 type RealmKeystoreJavaKeystore struct {
-	Id      string
-	Name    string
-	RealmId string
+	Id              string
+	Name            string
+	RealmId         string
+	InternalRealmId string
 
 	Active    bool
 	Enabled   bool
@@ -50,10 +51,17 @@ func convertFromRealmKeystoreJavaKeystoreToComponent(realmKey *RealmKeystoreJava
 		},
 	}
 
+	var parentId string
+	if realmKey.InternalRealmId != "" {
+		parentId = realmKey.InternalRealmId
+	} else {
+		parentId = realmKey.RealmId
+	}
+
 	return &component{
 		Id:           realmKey.Id,
 		Name:         realmKey.Name,
-		ParentId:     realmKey.RealmId,
+		ParentId:     parentId,
 		ProviderId:   "java-keystore",
 		ProviderType: "org.keycloak.keys.KeyProvider",
 		Config:       componentConfig,
diff --git a/keycloak/realm_keystore_rsa.go b/keycloak/realm_keystore_rsa.go
index 6ffadeca..ac868bd7 100644
--- a/keycloak/realm_keystore_rsa.go
+++ b/keycloak/realm_keystore_rsa.go
@@ -7,9 +7,10 @@ import (
 )
 
 type RealmKeystoreRsa struct {
-	Id      string
-	Name    string
-	RealmId string
+	Id              string
+	Name            string
+	RealmId         string
+	InternalRealmId string
 
 	Active    bool
 	Enabled   bool
@@ -43,10 +44,17 @@ func convertFromRealmKeystoreRsaToComponent(realmKey *RealmKeystoreRsa) *compone
 		},
 	}
 
+	var parentId string
+	if realmKey.InternalRealmId != "" {
+		parentId = realmKey.InternalRealmId
+	} else {
+		parentId = realmKey.RealmId
+	}
+
 	return &component{
 		Id:           realmKey.Id,
 		Name:         realmKey.Name,
-		ParentId:     realmKey.RealmId,
+		ParentId:     parentId,
 		ProviderId:   realmKey.ProviderId,
 		ProviderType: "org.keycloak.keys.KeyProvider",
 		Config:       componentConfig,
diff --git a/keycloak/realm_keystore_rsa_generated.go b/keycloak/realm_keystore_rsa_generated.go
index 849d198d..db291069 100644
--- a/keycloak/realm_keystore_rsa_generated.go
+++ b/keycloak/realm_keystore_rsa_generated.go
@@ -7,9 +7,10 @@ import (
 )
 
 type RealmKeystoreRsaGenerated struct {
-	Id      string
-	Name    string
-	RealmId string
+	Id              string
+	Name            string
+	RealmId         string
+	InternalRealmId string
 
 	Active    bool
 	Enabled   bool
@@ -40,10 +41,17 @@ func convertFromRealmKeystoreRsaGeneratedToComponent(realmKey *RealmKeystoreRsaG
 		},
 	}
 
+	var parentId string
+	if realmKey.InternalRealmId != "" {
+		parentId = realmKey.InternalRealmId
+	} else {
+		parentId = realmKey.RealmId
+	}
+
 	return &component{
 		Id:           realmKey.Id,
 		Name:         realmKey.Name,
-		ParentId:     realmKey.RealmId,
+		ParentId:     parentId,
 		ProviderId:   "rsa-generated",
 		ProviderType: "org.keycloak.keys.KeyProvider",
 		Config:       componentConfig,
diff --git a/provider/resource_keycloak_realm_keystore_aes_generated.go b/provider/resource_keycloak_realm_keystore_aes_generated.go
index 2adc6b5c..02244f57 100644
--- a/provider/resource_keycloak_realm_keystore_aes_generated.go
+++ b/provider/resource_keycloak_realm_keystore_aes_generated.go
@@ -32,6 +32,12 @@ func resourceKeycloakRealmKeystoreAesGenerated() *schema.Resource {
 				Required: true,
 				ForceNew: true,
 			},
+			"internal_realm_id": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Default:     "",
+				Description: "Internal realm id, if it differs from 'realm_id'",
+			},
 			"active": {
 				Type:        schema.TypeBool,
 				Optional:    true,
diff --git a/provider/resource_keycloak_realm_keystore_ecdsa_generated.go b/provider/resource_keycloak_realm_keystore_ecdsa_generated.go
index 1ee3022a..d5bd5397 100644
--- a/provider/resource_keycloak_realm_keystore_ecdsa_generated.go
+++ b/provider/resource_keycloak_realm_keystore_ecdsa_generated.go
@@ -32,6 +32,12 @@ func resourceKeycloakRealmKeystoreEcdsaGenerated() *schema.Resource {
 				Required: true,
 				ForceNew: true,
 			},
+			"internal_realm_id": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Default:     "",
+				Description: "Internal realm id, if it differs from 'realm_id'",
+			},
 			"active": {
 				Type:        schema.TypeBool,
 				Optional:    true,
diff --git a/provider/resource_keycloak_realm_keystore_hmac_generated.go b/provider/resource_keycloak_realm_keystore_hmac_generated.go
index 607095b6..2d8cbb99 100644
--- a/provider/resource_keycloak_realm_keystore_hmac_generated.go
+++ b/provider/resource_keycloak_realm_keystore_hmac_generated.go
@@ -33,6 +33,12 @@ func resourceKeycloakRealmKeystoreHmacGenerated() *schema.Resource {
 				Required: true,
 				ForceNew: true,
 			},
+			"internal_realm_id": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Default:     "",
+				Description: "Internal realm id, if it differs from 'realm_id'",
+			},
 			"active": {
 				Type:        schema.TypeBool,
 				Optional:    true,
diff --git a/provider/resource_keycloak_realm_keystore_java_keystore.go b/provider/resource_keycloak_realm_keystore_java_keystore.go
index 9fb37b88..86eda7fa 100644
--- a/provider/resource_keycloak_realm_keystore_java_keystore.go
+++ b/provider/resource_keycloak_realm_keystore_java_keystore.go
@@ -32,6 +32,12 @@ func resourceKeycloakRealmKeystoreJavaKeystore() *schema.Resource {
 				Required: true,
 				ForceNew: true,
 			},
+			"internal_realm_id": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Default:     "",
+				Description: "Internal realm id, if it differs from 'realm_id'",
+			},
 			"active": {
 				Type:        schema.TypeBool,
 				Optional:    true,
diff --git a/provider/resource_keycloak_realm_keystore_rsa.go b/provider/resource_keycloak_realm_keystore_rsa.go
index 5c1e5f80..c597ee8e 100644
--- a/provider/resource_keycloak_realm_keystore_rsa.go
+++ b/provider/resource_keycloak_realm_keystore_rsa.go
@@ -32,6 +32,12 @@ func resourceKeycloakRealmKeystoreRsa() *schema.Resource {
 				Required: true,
 				ForceNew: true,
 			},
+			"internal_realm_id": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Default:     "",
+				Description: "Internal realm id, if it differs from 'realm_id'",
+			},
 			"active": {
 				Type:        schema.TypeBool,
 				Optional:    true,
@@ -80,9 +86,10 @@ func resourceKeycloakRealmKeystoreRsa() *schema.Resource {
 
 func getRealmKeystoreRsaFromData(data *schema.ResourceData) *keycloak.RealmKeystoreRsa {
 	mapper := &keycloak.RealmKeystoreRsa{
-		Id:      data.Id(),
-		Name:    data.Get("name").(string),
-		RealmId: data.Get("realm_id").(string),
+		Id:              data.Id(),
+		Name:            data.Get("name").(string),
+		RealmId:         data.Get("realm_id").(string),
+		InternalRealmId: data.Get("internal_realm_id").(string),
 
 		Active:      data.Get("active").(bool),
 		Enabled:     data.Get("enabled").(bool),
diff --git a/provider/resource_keycloak_realm_keystore_rsa_generated.go b/provider/resource_keycloak_realm_keystore_rsa_generated.go
index 0b230d4e..51affd08 100644
--- a/provider/resource_keycloak_realm_keystore_rsa_generated.go
+++ b/provider/resource_keycloak_realm_keystore_rsa_generated.go
@@ -33,6 +33,12 @@ func resourceKeycloakRealmKeystoreRsaGenerated() *schema.Resource {
 				Required: true,
 				ForceNew: true,
 			},
+			"internal_realm_id": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Default:     "",
+				Description: "Internal realm id, if it differs from 'realm_id'",
+			},
 			"active": {
 				Type:        schema.TypeBool,
 				Optional:    true,