1.9 KiB
Keycloak
Keycloak is an open-source Identity and Access Management (IAM) solution that simplifies handling user authentication, authorization, and identity federation. By centralizing these processes, it helps maintain a secure environment without forcing you to reinvent the wheel. Whether you’re dealing with standard login flows, integrating social logins (e.g. Google, GitHub), or managing roles across large teams, Keycloak provides a flexible and scalable foundation.
Main features
-
🔑 Single Sign-On (SSO):
Enable users to access multiple applications and services with a single set of credentials, reducing login fatigue and improving the user experience.
-
👥 User Federation:
Integrate your existing user stores—such as LDAP, Active Directory, or custom databases—without re-engineering your authentication layer.
-
🔒 Role-Based Access Control (RBAC):
Assign fine-grained roles and permissions to users or groups, making it easier to manage security policies at scale.
-
🌐 Social Login & Identity Brokering:
Offer seamless authentication through providers like Google, Facebook, or GitHub, saving time by not building these integrations yourself.
-
🛠️ Extensible & Customizable:
Adjust Keycloak’s behavior using custom providers, themes, or authentication flows that match your project’s unique requirements.
How Keycloak is integrated in the edpbuilder
A dedicated realm is used in Keycloak for the edpbuilder's stack. Currently Backstage and argo-workflows is configured to use Keycloak. Grafana and Forgejo are integrated next. Keycloak will be able, in a later step, to connect to the identity provider of an organisation (Azure AD DS for example).