Keycloak: How To Create A PKCE Authorization Flow Client?
Learn to set up PKCE in Keycloak for secure OAuth 2.0 and OIDC flows, ensuring your app’s authentication is safe from interception
Guilliano Molaire
Choosing the Best Authorization Flows for Your App
Understand and recognize the current OAuth and OIDC Authorization flows to secure your frontend applications effectively
The Top 11 Identity-as-a-Service (IDaaS) Powerhouses On The Market
In a world where “Top 10” lists are pretty common, we will take a path less traveled. Let’s explore the top 11 IDaaS providers, showcasing those who lead not just in innovation and service but also in market presence and influence. What is IDaaS? Identity-as-a-Service (IDaaS) is a cloud-based solution that manages digital identities and … Read more
The Ultimate Best Guide on Keycloak Multi-Tenancy (Part 1)
Explore the ultimate guide on Keycloak multi-tenancy, comparing Monorealmism and Polyrealmism, and discover solutions to enhance security and manageability.
Zero Trust: A Thrilling New Era
I was recently discussing upcoming cybersecurity trends, and one topic kept popping up: Zero Trust. It’s a paradigm shift in how we secure our systems, and understanding it is crucial for developers, DevOps engineers, and dev managers alike. Before diving into Zero Trust, let’s revisit the traditional approach to network security, often referred to as … Read more
Unlock Safety: Secure Your Keycloak’s Master Realm Now!
I recently received the question: Can I use the Master Realm for my users? Let’s dive in to figure out whether it’s a good idea. TL;DR: No with some proof. Keycloak, a widely-used Identity and Access Management (IAM) solution, offers powerful capabilities for authenticating and managing users in your applications. One concept at the core … Read more
How to Run Keycloak Behind a Reverse Proxy?
Lately, I’ve been asked to assist with setting up Keycloak behind a reverse proxy. While it may seem straightforward to redirect calls to the new backend, in this case, Keycloak, the reality is more complex. In this blog post, we will delve into the parameters essential for successfully configuring Keycloak behind a reverse proxy. I’ll … Read more
What is The Best Strategy to Upgrade My Keycloak Cluster?
Coming from a Site Reliability Engineering (SRE) background, I often hear questions about the best way to upgrade an application in production. In this blog post, we’ll explore multiple strategies tailored to different scenarios on how you cloud upgrade your Keycloak instance/clusters. We won’t delve into details, but each option will be discussed in subsequent … Read more
What Is The Cost Of Self Hosting Keycloak?
Let’s dive into the costs and considerations of managing a high-availability Keycloak cluster on-premises versus cloud hosting.
How to Test Keycloak and PostgreSQL Upgrades Using Docker
Are you considering upgrading your Keycloak or PostgreSQL versions but worried about potential compatibility issues? This step-by-step guide will walk you through how to use Docker-compose to test different Keycloak versions against various PostgreSQL versions, ensuring a smooth and safe upgrade process. Why Compatibility Testing is Crucial Before diving into the technical process, it’s essential … Read more