Keycloak

Introduction

  • Keycloak is an open-source Identity and Access Management (IAM) software that provides secure authentication and authorization for applications and services.

  • It support SSO (Single Sign In) which is similar with google login in

Clients

  • It actually stand for application

  • Redirect Url iis authentication can be set

  • The client scope can be assigned to the client

Users

  • The users is shared across the realm

  • Each application in realm can refer to the user list

  • The role can be assigned to the user

Endpoint

  • Different api end points are exposed from keycloak

Authorization

/realms/{realm-name}/protocol/openid-connect/auth?xxxx

  • The login page of keycloak

Token

/realms/{realm-name}/protocol/openid-connect/token?xxxx

  • The method of getting access token

  • The exchange between auth code and access token

  • Refresh new access token

  • Exchange between client access token

References

LogoSecuring applications and services with OpenID ConnectKeycloak
https://ithelp.ithome.com.tw/users/20112470/ironman/4324ithelp.ithome.com.tw
PreviousSAMLNextPayment

Last updated

Was this helpful?