Authentication Proxy: Simplify Authentication in Any Application

Discover how to add authentication to any application without code changes using our NGINX-based OpenID Connect proxy. Separate authentication from development, define public vs private URLs, and deploy effortlessly.

How we made our custom workflow with Keycloak way before workflow feature

Keycloak has released a preview Workflow feature https://www.keycloak.org/2025/10/workflows-experimental-26-4. Let’s take a look of how we made workflows years before…

A custom http header to token claim mapper for Keycloak

Map an HTTP header value to a claim in a token. This solution was needed for a specific use case : keep the user locale.

A JWT decoder in the system tray

We were tired of opening jwt.io each time so we built a simple tool with quick access from the system tray.

User Agent Filter Authenticator

We develop a new plugin for Keycloak that filters the user-agent header on authentication request.

Deploy Keycloak in Dokku

Deploy a Keycloak ready to production on Dokku.

Restrict roles to a subset through the "full scope allowed" switch

By default, a client has “roles” scope as “default” so a user will have all affected clients roles in its tokens. Learn how and why you must restrict roles in tokens by turning off “full scopes allowed” switch.

Nocode event-listener in Keycloak

Create your own nocode event-listener for Keycloak with n8n.

GMail extension : create a gitlab issue

With Google Apps Script, we created a gmail extension that interacts with Gitlab.

LDAP Bind proxy : login to Keycloak with LDAP

How to spawn a simple bind LDAP proxy for keycloak OIDC password grant in a nutshell.