01_keycloak.adoc

Keycloak

Keycloak is a Open Source Identity and Access Management and is the upstream project of RedHat SSO. The sources are hosted on GitHub. Its main goal: Make applications secure in a non-invasive way.

Keycloak is actively maintained (especially by Red Hat engineers) and offers among others:

• Single Sign-on

• Integration with LDAP and Active Directory

• Multi-factor authentication

• Standard Protocols (OAuth 2.0, OpenID Connect, SAML 2.0)

• Adapters - Efficient integration of Clients

• Multitenancy

• Customize look and feel

A more complete list with Keycloak features can be found here.

Note

Some technical facts about Keycloak: Keycloak is built on top of WildFly application server, uses internally the provided frameworks like Infinispan and Hibernate. It runs on a Java Virtual Machine and is based on Java EE Keycloak can be run on any operating system which runs a JVM. As persistence layer a database us used. Any database with a JDBC driver can be used. Keycloak often is operated with PostgreSQL, MySQL or Oracle. The minimal system requirements to run Keycloak are in listed in the Installation Manual.

Keycloak is strongly based on OAuth 2.0 and its understanding. It is helpful to understand the OAuth 2.0 protocol and OpenID Connect standard to understand the functionality of Keycloak.

Alternatives

Incomplete List of alternative IAM systems.

• OpenIAM

• WSO2 Identity Server

• Auth0

• Gluu Server

• Apache Syncope

• ORY

---

← Techlab overview | Lab Setup →