Introduction to Keycloak


What is the Keycloak framework?

  • Open-source software
  • Commercial offering available, RedHat SSO
  • Java-based authentication and authorization server.
  • Very easily integrated with Spring framework based applications.

Actually, the Keycloak framework is an authentication and authorization server that can be used to secure your applications. It has many features as I mentioned below.  Only you need to configure functionalities, don't need to write code. So it will save development time. 


Features of the Keycloak framework
  • Single sign-on and single sign-out
  • Social login
  • User federation (LDAP, Active directory)
  • Centralized management with Admin console
  • Standard protocols (OpenId connect 1.0, OAuth2.0, SAML 2.0)
  • Easy setup and integration
  • Customizable and extensible
  • High performance

The technology stack of Keycloak framework
  • Angular JS, Bootstrap, Freemaker,  PatternFly
  • REST Easy
  • JPA, Jackson 2.x, Commons HTTP client, Wildfly

OAuth 2.0 flow on Keycloak

Click to enlarge


Token types of Keycloak
  • Access token - short lived token that can be used for accessing resources
  • Refresh token - long-lived token that can be used to request a new token
  • ID token - contains user information 
  • Offline token - refresh token that never expired

Keycloak theme configuration


Use Keycloak Admin REST APIs


Integrate Keycloak with Spring Boot


Integrate Keycloak with Spring Security


Introduction to Keycloak Introduction to Keycloak Reviewed by Ravi Yasas on 2:44 PM Rating: 5

No comments:

Powered by Blogger.