The video from the last DevNation Live: Securing apps and services with Keycloak is now available to watch online. In this session, you will learn how to secure web/HTML5 applications, single-page and mobile applications, and services with Keycloak. Keycloak can be used to secure traditional monolithic applications as well as microservices and service mesh-based applications that need secure end-to-end authentication for all front- and back-end services. The examples in the video cover PHP, Node.js, and HTML/JavaScript.
Securing applications and services is no longer just about assigning a username and password. You need to manage identities. You need to integrate with legacy and external authentication systems to provide features that are in demand like social logins and single sign-on (SSO). Your list of other requirements may be long. But you don’t want to develop all of this yourself, nor should you.
In this session, Red Hat's Stian Thorgensen, who is an engineering lead for Red Hat Single Sign-On and the community project lead on the Keycloak open source identity and access management software project, takes you through actual code and the underlying concepts.
https://www.youtube.com/watch?v=mdZauKsMDiI
Agenda
- Brief overview of Keycloak
- If you need a more detailed introduction to Keycloak, watch this previous DevNation Live video or see the resources below
- OpenID Connect and OAuth 2.0 vs SAML v2.0
- When to use OIDC and when to use SAML
- Adapters for securing applications and services with Keycloak
- Data/process flows for:
- Securing a traditional/monolithic application
- Securing a single-page or mobile app
- Securing back-end services to provide end-to-end authentication of front-end and back-end services
- Examples covering:
- HTML5/JavaScript
- PHP
- REST service with Node.js
Resources and more information
- Blog post: Single Sign-On Made Easy with Keycloak/Red Hat SSO
- Keycloak website
- Demo code used in this session
- [DevNation Live Video] Secure Spring Boot Microservices with Keycloak
- Deploying and running Keycloak on OpenShift
- Keycloak on Kubernetes
- Blog post: Docker Authentication with Keycloak
- Blog post: OpenID Connect Identity Brokering with Red Hat Single Sign-On
Last updated: February 28, 2022