A link between an LDAP directory to Keycloak could be considered as a "must have". Many times, companies want to connect their directory to a Keycloak. Keycloak could be considered as an "OpenId Connect proxy" between webapps and an Active Directory.
Keycloak can retrieve users from LDAP, synchronize groups, roles or custom attributes. Let's have a complete tour of what you can do with this connector.
Posted on Mon 27 September 2020
Authorization code grant (also named "auth_code") is one of the most popular authentication method on the web. Every oauth2 provider implements this flow which is the best for web authentication. Facebook, Google, Twitter, Linkedin... all of them use it (or partially, we will explain why).
Posted on Wed 02 July 2020
Autoriser les accès à mon API à des services tiers :
Posted on Wed 23 April 2020
OpenVPN allows usage of PAM modules. By using an oauth2 client PAM module and
password grant, we can use our own SSO (Keycloak) to authenticate users on a VPN infrastructure.
For Oauth2 providers which do not allow Password Grant, we will use a "token authentication" by providing a valid token instead of a password. Code and demo with Google as authentication provider.
Posted on Thu 2 April 2020
Oauth2 dans le monde des ops :
Posted on Wed 25 March 2020