If you're looking for a single sign-on solution (SSO) that enables you to secure new or legacy applications and easily use federated identity providers (IdP) such as social networks, you should definitely take a look at Keycloak. Keycloak is the upstream open source community project for Red Hat Single Sign-On (RH-SSO). RH-SSO is a core service that is part of a number of products such as Red Hat JBoss Enterprise Application Platform. If you've logged into to developers.redhat.com or openshift.com you are using Keycloak.
On the Red Hat Developer blog there have been a number of recent articles that cover various aspects Keycloak/RH-SSO integration. A recent DevNation Live Tech Talk covered Securing Spring Boot Microservices with Keycloak. This article discusses the features of Keycloak/RH-SSO that you should be aware of.
- You can determine how many active session your system currently has.
- You could force the logout of a single user.
- Or you could force all users of the system to be logged out.
- One time password (OTP) policies
- Centralized password policy
- Authorization policies per resource or per scope
- Timed access policy (users or group of users can login only between certain time slots)
- Rule-Based policy
Getting started with Keycloak
Keycloak login form">
It takes only a few steps to setup Keycloak in your development environment. Take a look at the quick start guides that are available in the Keycloak Quick Starts GitHub repo.Last updated: January 12, 2024