Skip to main content
Redhat Developers  Logo
  • Products

    Featured

    • Red Hat Enterprise Linux
      Red Hat Enterprise Linux Icon
    • Red Hat OpenShift AI
      Red Hat OpenShift AI
    • Red Hat Enterprise Linux AI
      Linux icon inside of a brain
    • Image mode for Red Hat Enterprise Linux
      RHEL image mode
    • Red Hat OpenShift
      Openshift icon
    • Red Hat Ansible Automation Platform
      Ansible icon
    • Red Hat Developer Hub
      Developer Hub
    • View All Red Hat Products
    • Linux

      • Red Hat Enterprise Linux
      • Image mode for Red Hat Enterprise Linux
      • Red Hat Universal Base Images (UBI)
    • Java runtimes & frameworks

      • JBoss Enterprise Application Platform
      • Red Hat build of OpenJDK
    • Kubernetes

      • Red Hat OpenShift
      • Microsoft Azure Red Hat OpenShift
      • Red Hat OpenShift Virtualization
      • Red Hat OpenShift Lightspeed
    • Integration & App Connectivity

      • Red Hat Build of Apache Camel
      • Red Hat Service Interconnect
      • Red Hat Connectivity Link
    • AI/ML

      • Red Hat OpenShift AI
      • Red Hat Enterprise Linux AI
    • Automation

      • Red Hat Ansible Automation Platform
      • Red Hat Ansible Lightspeed
    • Developer tools

      • Red Hat Trusted Software Supply Chain
      • Podman Desktop
      • Red Hat OpenShift Dev Spaces
    • Developer Sandbox

      Developer Sandbox
      Try Red Hat products and technologies without setup or configuration fees for 30 days with this shared Openshift and Kubernetes cluster.
    • Try at no cost
  • Technologies

    Featured

    • AI/ML
      AI/ML Icon
    • Linux
      Linux Icon
    • Kubernetes
      Cloud icon
    • Automation
      Automation Icon showing arrows moving in a circle around a gear
    • View All Technologies
    • Programming Languages & Frameworks

      • Java
      • Python
      • JavaScript
    • System Design & Architecture

      • Red Hat architecture and design patterns
      • Microservices
      • Event-Driven Architecture
      • Databases
    • Developer Productivity

      • Developer productivity
      • Developer Tools
      • GitOps
    • Secure Development & Architectures

      • Security
      • Secure coding
    • Platform Engineering

      • DevOps
      • DevSecOps
      • Ansible automation for applications and services
    • Automated Data Processing

      • AI/ML
      • Data Science
      • Apache Kafka on Kubernetes
      • View All Technologies
    • Start exploring in the Developer Sandbox for free

      sandbox graphic
      Try Red Hat's products and technologies without setup or configuration.
    • Try at no cost
  • Learn

    Featured

    • Kubernetes & Cloud Native
      Openshift icon
    • Linux
      Rhel icon
    • Automation
      Ansible cloud icon
    • Java
      Java icon
    • AI/ML
      AI/ML Icon
    • View All Learning Resources

    E-Books

    • GitOps Cookbook
    • Podman in Action
    • Kubernetes Operators
    • The Path to GitOps
    • View All E-books

    Cheat Sheets

    • Linux Commands
    • Bash Commands
    • Git
    • systemd Commands
    • View All Cheat Sheets

    Documentation

    • API Catalog
    • Product Documentation
    • Legacy Documentation
    • Red Hat Learning

      Learning image
      Boost your technical skills to expert-level with the help of interactive lessons offered by various Red Hat Learning programs.
    • Explore Red Hat Learning
  • Developer Sandbox

    Developer Sandbox

    • Access Red Hat’s products and technologies without setup or configuration, and start developing quicker than ever before with our new, no-cost sandbox environments.
    • Explore Developer Sandbox

    Featured Developer Sandbox activities

    • Get started with your Developer Sandbox
    • OpenShift virtualization and application modernization using the Developer Sandbox
    • Explore all Developer Sandbox activities

    Ready to start developing apps?

    • Try at no cost
  • Blog
  • Events
  • Videos

Red Hat Single Sign-On: Give it a try for no cost!

 

February 7, 2019
Nicolas Massé
Related topics:
KubernetesSecurity
Related products:
Red Hat OpenShift

Share:

    In a software world where each day is more hostile than the previous one, security matters and developers are coping with more and more non-functional requirements about security. The most common ones are the "OWASP Top 10": the ten security risks that every developer should know. There are many more security risks you should care about, but those ten risks are the ones having the most impact on the security of your software. Among them are authentication and access control.

    The good news is that authentication and access control are now commodities in the open source world, thanks to Red Hat Single Sign-On Red Hat Single Sign-On is an access management tool that takes care of the details of most authentication protocols such as SAML, OAuth, and OpenID Connect; user consent with UMA; and even access control. It is easy to use, is very well-documented, and has a very active community: Keycloak.

    This article describes how to download and install Red Hat Single Sign-On for no cost.

    Why not give it a try?

    Red Hat Single Sign-On is part of the Red Hat Middleware Core Services Collections (formerly called Red Hat JBoss Core Services Collection), and this means it is shipped and supported with OpenShift and most products of the Red Hat middleware portfolio. If you are already using those products in your company, chances are you can already use and deploy Red Hat Single Sign-On.

    Alternatively, as a developer, you can also try Red Hat Single Sign-On through a developer subscription at no cost. If you already have a developer account, go to developers.redhat.com, click "Log in" in the upper right corner, and log in.

    Register for a developer subscription

    If you don't already have a developer subscription, go to developers.redhat.com/register and create your account.

    Create a token to access the Red Hat registry

    You will need to create a token to be able to fetch Red Hat Single Sign-On from the Red Hat registry. Go to access.redhat.com/terms-based-registry, log in with your developer account (if you have not already done so), and click "New Service Account."

    Give the token a name (for the rest of this article, we will use "sso") and a meaningful description.

    Click "Create" and the generated token is displayed. Save the username and the token in a safe place for future reference.

     Generating a token

    Click the "OpenShift Secret" tab and then "sso-secret.yaml" to download your token in a format OpenShift will understand. Save it somewhere convenient for later use.

    Download your token

    Install Red Hat Single Sign-On

    To install Red Hat Single Sign-On, you will need an OpenShift instance. If your company has one, use it. If not, I would recommend using Red Hat Container Development Kit (CDK)/minishift. Minishift is an OpenShift installation targeted at developers that runs on your laptop. If you need to install CDK/minishift, see these instructions.

    Spin up a minishift instance:

    $ minishift start

    Create a new project for your Red Hat Single Sign-On deployment:

    $ oc new-project sso

    Inject the token you downloaded previously in your OpenShift project, as a secret:

    $ oc create -f ~/Downloads/*_sso-secret.yaml

    Find the name of your secret:

    $ oc get secret
    NAME                       TYPE                                  DATA      AGE
    10072637-sso-pull-secret   kubernetes.io/dockerconfigjson        1         3m

    If you named your token "sso" as suggested above, your secret should end with "-sso-pull-secret." In this example, my secret is named "10072637-sso-pull-secret."

    Link your token with the default service account so that any pod in this project can use it (do not forget to change "10072637-sso-pull-secret" to your token name):

    $ oc secrets link default 10072637-sso-pull-secret --for=pull

    And import the Red Hat Single Sign-On 7.3 image into your project:

    $ oc import-image redhat-sso73-openshift:1.0 --confirm --scheduled --from=registry.redhat.io/redhat-sso-7/sso73-openshift:1.0

    You can now deploy Red Hat Single Sign-On 7.3 as explained in the documentation.

    Are you eager to see Red Hat Single Sign-On live but you do not want to read the documentation? Here is a summary:

    $ oc create -f https://raw.githubusercontent.com/jboss-container-images/redhat-sso-7-openshift-image/sso73-dev/templates/sso73-x509-https.json
    $ oc policy add-role-to-user view system:serviceaccount:$(oc project -q):default
    $ oc new-app --template=sso73-x509-https -p SSO_ADMIN_USERNAME=admin -p SSO_ADMIN_PASSWORD=password -p IMAGE_STREAM_NAMESPACE=$(oc project -q)

    Wait a couple of minutes for minishift to pull the image and start the pod. You can supervise the deployment with the following command (press Ctrl-C to exit):

    $ oc get pods -w

    Once deployed, display the console URL using this command:

    $ oc get route sso -o jsonpath='http://{.spec.host}/auth/admin/'

    Open this URL in your web browser and log in with the username and password you provided during installation (admin/password, in this example).

    Congratulations; you just installed Red Hat Single Sign-On!

    Further reading

    To get the most value out of Red Hat Single Sign-On, see the Server Administration Guide and the Securing Applications and Services Guide.

    You might also wish to read Using a public certificate with Red Hat Single Sign-On/Keycloak.

    Happy testing!

    Last updated: August 1, 2023

    Recent Posts

    • Meet the Red Hat Node.js team at PowerUP 2025

    • How to use pipelines for AI/ML automation at the edge

    • What's new in network observability 1.8

    • LLM Compressor: Optimize LLMs for low-latency deployments

    • How to set up NVIDIA NIM on Red Hat OpenShift AI

    Red Hat Developers logo LinkedIn YouTube Twitter Facebook

    Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform

    Build

    • Developer Sandbox
    • Developer Tools
    • Interactive Tutorials
    • API Catalog

    Quicklinks

    • Learning Resources
    • E-books
    • Cheat Sheets
    • Blog
    • Events
    • Newsletter

    Communicate

    • About us
    • Contact sales
    • Find a partner
    • Report a website issue
    • Site Status Dashboard
    • Report a security problem

    RED HAT DEVELOPER

    Build here. Go anywhere.

    We serve the builders. The problem solvers who create careers with code.

    Join us if you’re a developer, software engineer, web designer, front-end designer, UX designer, computer scientist, architect, tester, product manager, project manager or team lead.

    Sign me up

    Red Hat legal and privacy links

    • About Red Hat
    • Jobs
    • Events
    • Locations
    • Contact Red Hat
    • Red Hat Blog
    • Inclusion at Red Hat
    • Cool Stuff Store
    • Red Hat Summit

    Red Hat legal and privacy links

    • Privacy statement
    • Terms of use
    • All policies and guidelines
    • Digital accessibility

    Report a website issue