Securing apps and services with Keycloak (Watch DevNation Live video)

August 28, 2018

Security

Burr Sutter

Guest Author

The video from the last DevNation Live: Securing apps and services with Keycloak is now available to watch online. In this session, you will learn how to secure web/HTML5 applications, single-page and mobile applications, and services with Keycloak. Keycloak can be used to secure traditional monolithic applications as well as microservices and service mesh-based applications that need secure end-to-end authentication for all front- and back-end services. The examples in the video cover PHP, Node.js, and HTML/JavaScript.

Securing applications and services is no longer just about assigning a username and password. You need to manage identities. You need to integrate with legacy and external authentication systems to provide features that are in demand like social logins and single sign-on (SSO). Your list of other requirements may be long. But you don’t want to develop all of this yourself, nor should you.

In this session, Red Hat's Stian Thorgensen, who is an engineering lead for Red Hat Single Sign-On and the community project lead on the Keycloak open source identity and access management software project, takes you through actual code and the underlying concepts.

https://www.youtube.com/watch?v=mdZauKsMDiI

Agenda

Brief overview of Keycloak
- If you need a more detailed introduction to Keycloak, watch this previous DevNation Live video or see the resources below
OpenID Connect and OAuth 2.0 vs SAML v2.0
- When to use OIDC and when to use SAML
Adapters for securing applications and services with Keycloak
Data/process flows for:
- Securing a traditional/monolithic application
- Securing a single-page or mobile app
- Securing back-end services to provide end-to-end authentication of front-end and back-end services
Examples covering:
- HTML5/JavaScript
- PHP
- REST service with Node.js

Resources and more information

Blog post: Single Sign-On Made Easy with Keycloak/Red Hat SSO
Keycloak website
- Keycloak source code on GitHub
- Community mailing list
Demo code used in this session
[DevNation Live Video] Secure Spring Boot Microservices with Keycloak
- Blog post: Easily Secure Your Spring Boot Applications with Keycloak
Deploying and running Keycloak on OpenShift
Keycloak on Kubernetes
Blog post: Docker Authentication with Keycloak
Blog post: OpenID Connect Identity Brokering with Red Hat Single Sign-On

For a deeper dive into Keycloak, join us Thursday, September 20th, 2018 at 12 p.m. EDT for DevNation Live

Last updated: August 27, 2018

Comments

Securing apps and services with Keycloak (Watch DevNation Live video)

Agenda

Resources and more information

Red Hat Developer roundup: Best of November 2021

Normalize web services with Camel K and AtlasMap, Part 2

Build and extend containerized applications with Project Thoth

How we implemented an authorization cache for Envoy proxy

Normalize web services with Camel K and AtlasMap, Part 1

Comments