DEV Community

Ravi Yasas
Ravi Yasas

Posted on

Introduction to Keycloak

What is an Identity management tool?

Simply it can be used as a security provider. We can delegate our security to a third party. It is just like hiring a security person or hiring a bodyguard.

What is the Keycloak framework?

  • Open-source software
  • Commercial offering available, RedHat SSO
  • Java-based authentication and authorization server.
  • Very easily integrated with Spring framework based applications.

Actually, the Keycloak framework is an authentication and authorization server that can be used to secure your applications. It has many features as I mentioned below. Only you need to configure functionalities, don't need to write code. So it will save your development time.

Features of the Keycloak framework

  • Single sign-on and single sign-out
  • Social login
  • User federation (LDAP, Active directory)
  • Centralized management with Admin console
  • Standard protocols (OpenId connect 1.0, OAuth2.0, SAML 2.0)
  • Easy setup and integration
  • Customizable and extensible
  • High performance

The technology stack of Keycloak framework

  • Angular JS, Bootstrap, Freemaker, PatternFly
  • REST Easy
  • JPA, Jackson 2.x, Commons HTTP client, Wildfly

Token types of Keycloak

  • Access token - a short-lived token that can be used for accessing resources
  • Refresh token - a long-lived token that can be used to request a new token
  • ID token - contains user information
  • Offline token - refresh token that never expired

OAuth 2.0 flow on Keycloak

OAuth 2.0 flow on Keycloak

Top comments (2)

Collapse
 
sunitk profile image
Sunit Katkar

An example of setting up keycloak with Spring boot would be nice.

Collapse
 
raviyasas profile image
Ravi Yasas

Thank you. I will add it soon.