Keycloak is a free and open source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code.
SINGLE SIGN ON
Users authenticate with Keycloak rather than individual applications. This means that your applications do not have to deal with login forms, authenticating users, and storing users. Once logged in to Keycloak, users do not have to log in again to access a different application. This can also be extended to desktop Single Sign On through Active Directory integrated authentication.
Keycloak also provides single logout, which means users only have to log out once to be logged out of all applications that use Keycloak.
SOCIAL LOGIN
Enabling login with social networks is easy to add through the Keycloak Administration Console. It is just a matter of selecting the social network you want to add. No code or changes to your application are required.
Keycloak can also authenticate users with generic OpenID Connect or SAML 2.0 Identity Providers. This is simply a matter of configuring the Identity Provider through the Keycloak Administration Console.
MULTI-FACTOR AUTHENTICATION SUPPORT
SELF-SERVICE ACCOUNT CONSOLE
Through the self-service account console, users can manage their own accounts. It provides capabilities such as:
- Update profile information
- Manage their password
- Set up multi-factor authentication
- Manage their active and offline sessions
- View their account history
- Link social media providers
- … and much more
AUTHORIZATION SERVICES
Keycloak provides a powerful fine-grained authorization engine which can be leveraged by applications to help build their permissions model. This authorization engine has the advantage that it can be managed through the Keycloak Administration Console, providing a centralized point for Policy Administration and Policy Retrieval, making it suitable for your Zero Trust strategy.
CLUSTERING
When load increases or availability is important to your organization, Keycloak has you covered. It provides powerful clustering capabilities that allow it to scale with workload while distributing memory across the cluster, which improves resilience if a node fails, without users even noticing.
EXTENSIBLE
Do you still have requirements that are not supported out of the box by the product? Keycloak’s framework is suited to developing various extensions or plugins to cater for your custom use cases:
- Authentication modules
- Authorization modules
- User Storage modules
- Event modules
- Password Storage modules
- Look and Feel modules
- …