Red Hat DevNation Live logo

The video from the last DevNation Live: Securing apps and services with Keycloak is now available to watch online.  In this session, you will learn how to secure web/HTML5 applications, single-page and mobile applications, and services with Keycloak. Keycloak can be used to secure traditional monolithic applications as well as microservices and service mesh-based applications that need secure end-to-end authentication for all front- and back-end services. The examples in the video cover PHP, Node.js, and HTML/JavaScript.

Securing applications and services is no longer just about assigning a username and password. You need to manage identities. You need to integrate with legacy and external authentication systems to provide features that are in demand like social logins and single sign-on (SSO). Your list of other requirements may be long. But you don’t want to develop all of this yourself, nor should you.

In this session, Red Hat's Stian Thorgensen, who is an engineering lead for Red Hat Single Sign-On and the community project lead on the Keycloak open source identity and access management software project, takes you through actual code and the underlying concepts.


  • Brief overview of Keycloak
  • OpenID Connect and OAuth 2.0 vs SAML v2.0
    • When to use OIDC and when to use SAML
  • Adapters for securing applications and services with Keycloak
  • Data/process flows for:
    • Securing a traditional/monolithic application
    • Securing a single-page or mobile app
    • Securing back-end services to provide end-to-end authentication of front-end and back-end services
  • Examples covering:
    • HTML5/JavaScript
    • PHP
    • REST service with Node.js


Resources and more information


For a deeper dive into Keycloak, join us Thursday, September 20th, 2018 at 12 p.m. EDT for DevNation Live

Last updated: February 6, 2024