Notes on Keycloak - Identity and Access Management for Modern Applications#

1. Getting Started with Keycloak#

Keycloak is an open source Identity and Access Management tool with a focus on modern applications such as single-page applications, mobile applications, and REST APIs.

Started in 2014

Features:

  • Fully customizable login pages
  • Strong authentication
  • Various flows: Recovery of passwords
  • Requiring users to regularly update the passwords
  • Accepting terms and conditions

By delegating authentication to Keycloak, your applications do not need to worry about different authentication mechanisms, or how to safely store passwords. This approach also provides a higher level of security as applications do not have direct access to user credentials; they are instead provided with security tokens that give them only access to what they need.

Sources#