Select Page

Keycloak

An open source Identity and Access Management solution aimed at modern applications and services

Keycloak

Have you ever wondered how you could easily ensure the security of your apps from one vantage point? Or maybe you have tried to standardize some solutions based on different technologies and protocols? Is it possible to combine user identity management and credentials in one, central console? Of course – Keycloak is here to help. This is an app owing to which you will not have to worry about storing users and, for instance, use for this purpose existing repositories based on LADP protocol (such as Active Directory, Red Hat Directory Server, OpenLDAP, IBM Tivoli or Apache Directory Server), which you may already be using. Keycloak gives you a possibility to manage application credentials, view current user sessions and manage apps from the administrator console level.

Keycloak logo

What is Keycloak?

It is an app which utilizes OpenId Connect (OIDC) standard to secure your apps. It enables you to grant, delete or modify credentials for all your apps from one point.

Main features supported by Keycloak:

  • Single sign-on (SSO) – the user authenticates themselves by entering their credentials (usually user name and password, but other scenarios are also possible) in Keycloak and information regarding user identity and their credentials is exchanged using OpenId Connect protocol
  • Single sign-out – logging out of one app results in logging out of all integrated systems
  • Multi-factor authentication:
    • Logging in using multiple channels, e.g. user / password + single-use password
    • Supports several built-in scenarios of user authentication and allows to define one’s own
  • Supports several built-in scenarios of user authentication and allows to define one’s own
  • User Federations – the possibility to synchronize user identities from several sources
  • Identity Providers – the user can be authenticated in one of many configured sources available using standard protocols

Technological Adapters

The role of Keycloak client adapter is to secure the app and services as easily as practicable. The app development team works continuously to issue adapters for a variety of technologies. The list of possible adapters is available at the Keycloak website. Currently, adapters for a number of platforms and frameworks are available, e.g. Java, JavaScript, Node.js, Apache Cordova, C#, Python, Android, iOS or Apache HTTP Server.

Jeśli jednak nie znajdziemy odpowiedniego adaptera, możemy sami go zbudować. Trzeba również zwrócić uwagę na to, że można wykorzystać serwer proxy do zabezpieczenia aplikacji, co ogranicza konieczność modyfikacji aplikacji.

Flexibility of the Keycloak solution

Kecloak has been built and developed so as to ensure maximum solution flexibility. Virtually any element available within the platform is attached as a plugin for the base solution. This approach facilitates creating one’s own plugins, which is particularly important in the case of integrating existing solutions which, for a variety of reasons, may not be modified, e.g. due to specific regulations within the organization.

BlueSoft has successfully implemented many projects in this area. We will happily present our portfolio directly as well as answer more questions about technology itself and benefits to be brought by its implementation.

Technology website: Keycloak

See other technologies, which we use in this area

Cyber Security