Questions tagged [keycloak]

Integrated Single Sign On (SSO) and Identity Manager (IDM) for browser apps and RESTful web services. Built on top of JBoss / Wildfly and complies with OAuth 2.0, Open ID Connect, JSON Web Token (JWT) and SAML 2.0 specifications.

About

Keycloak is an open source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code.

Integrated Single Sign On (SSO) and Identity Manager for browser apps and RESTful web services. Built on top of Wildfly / JBoss and implements the OAuth 2.0, Open ID Connect, JSON Web Token (JWT) and SAML 2.0 specifications.

Keycloak was initially targeted towards the JBoss and Wildfly communities but has solutions for many other environments like Tomcat, Jetty, Node.js, RAILS, GRAILS, etc. Options are to deploy it with an existing app server, as a black-box appliance, or as an Openshift cloud service and/or cartridge.

Features

  • SSO and Single Log Out for browser applications
  • Social Broker. Enable Google, Facebook, Yahoo, Twitter social login with no code required.
  • Optional LDAP/Active Directory integration
  • Optional User Registration
  • Password and TOTP support (via Google Authenticator). Client cert auth coming soon.
  • User session management from both admin and user perspective
  • Customizable themes for user facing pages: login, grant pages, account management, emails, and admin console all customizable!
  • OAuth Bearer token auth for REST Services
  • Integrated Browser App to REST Service token propagation
  • Admin REST API
  • OAuth 2.0 Grant requests
  • CORS Support
  • CORS Web Origin management and validation
  • Completely centrally managed user and role mapping metadata. Minimal configuration at the application side
  • Admin Console for managing users, roles, role mappings, applications, user sessions, allowed CORS web origins, and OAuth clients.
  • Deployable as a WAR, appliance, or an Openshift cloud service (SaaS).
  • Supports JBoss AS7, EAP 6.x, and Wildfly applications. Plans to support Node.js, RAILS, GRAILS, and other non-Java applications.
  • Javascript/HTML 5 adapter for pure Javascript apps
  • Session management from admin console
  • Revocation policies
  • Password policies
  • OpenID Connect Support
  • SAML 2.0 support

35 questions

0 votes, 1 answer

GLPI appending :80 to CAS Callback URL

Problem: GLPI is appending :80 to the callback URL for CAS authentication using Keycloak. After logging in successfully on Keycloak, user gets redirected to the GLPI URL which contains :80 in the URL, and is faced with SSL_ERROR_RX_RECORD_TOO_LONG…
retr0

0 votes, 1 answer

How to map internal OIDC group to external K8s cluster roles

I have successfully connected my K8s cluster + dashboard to my Keycloak server, now I have asked myself the question: I have followed these instructions here. Furthermore I also made the appropriate adjustments to the kube-apiserver.yml. In my…
ZPascal

0 votes, 1 answer

JBPM KIE Server Token Based Authentication

I have successfully installed and configured JBPM 7.40.0 and Keycloak 11.0.0 on the same server instance as per the documentation. I can successfully do GET http://myserver/kie-server/services/rest/server using basic authentication. Performing the…

0 votes, 1 answer

Why does embedding KeyCloak into another stack using requirements.yaml fail?

I ran into a really weird issue when using https://github.com/codecentric/helm-charts/tree/master/charts/keycloak to set up keycloak on k8s: Using this helmchart and setting it up directly works pretty well, extraVolumes / mountPoints are processed…
Peter

-1 votes, 1 answer

Keycloak 16 - can it log OIDC access tokens for Open-ID Connect identity providers?

How can I make Keycloak 16 log the access token, when using an Open-ID Connect identity provider? I need to see what claims the OIDC provider sends to Keycloak.
Lars D