Technology · Ebook

Keycloak: Identity and Access Management

by Shriira Press

Keycloak is an open-source Identity and Access Management (IAM) solution — it provides authentication, authorization, single sign-on, and user management for your applications so they don't have to build it themselves. This free book teaches it from the ground up: the identity problem and what Keycloak is, identity concepts and protocols (OAuth 2.0, OpenID Connect, SAML, JWTs), Keycloak's architecture and core concepts (realms, clients, users, roles), realms and clients (organizing identity, registering apps), authentication and single sign-on (login flows, sessions, SSO), OIDC and OAuth in Keycloak (securing frontends and APIs with tokens), users/roles/authorization (RBAC and fine-grained policies), identity brokering and federation (social login, LDAP/AD), security features (MFA, password policies, hardening), and operating Keycloak in practice (deployment, customization, the ecosystem). Ten focused chapters with clear diagrams that demystify modern identity — delegate authentication to a secure, standards-based, central identity provider, and stop reinventing login for every app.

Contents

1. 1Preface
2. 2Chapter 1 — What Keycloak Is
3. 3Chapter 2 — Identity Concepts and Protocols
4. 4Chapter 3 — Architecture and Core Concepts
5. 5Chapter 4 — Realms and Clients
6. 6Chapter 5 — Authentication and Single Sign-On
7. 7Chapter 6 — OIDC and OAuth in Keycloak
8. 8Chapter 7 — Users, Roles, and Authorization
9. 9Chapter 8 — Identity Brokering and User Federation
10. 10Chapter 9 — Security Features and Hardening
11. 11Chapter 10 — Operating Keycloak in Practice