Keycloak provides Single Sign-On based on widely used protocols such as OpenID Connect 1.0, OAuth 2.0 and SAML2, that are easy to integrate with own applications. Keycloak comes with many batteries included, e.g. user management, user registration, 2-factor authentication, support for external identity providers such as Google, Facebook, Twitter, custom look-and-feel and integration with directory services like LDAP, Kerberos or Active Directory. Additionally, Keycloak offers a comprehensive extension model that makes it easy to adapt it to your own needs.
After a short overview of Keycloak features, we will introduce some core concepts with a guided tour through Keycloaks Admin UI. We then take an in-depth look at an OAuth / OpenID Connect based authentication flow. After those foundations are set we will demonstrate possibilities for integrating Keycloak in selected authentication scenarios. We conclude the talk with a brief demo of an centralized identity management infrastructure, built around Keycloak.