Blog

Insights on Identity, Security & Keycloak

Tutorials, deep dives, and best practices from the Skycloak team.

Logo slide: 'Locke' branding with the subtitle 'Keycloak on Redis' on a dark blue background with circular shapes.
keycloak-operations Latest

Introducing Locke: a Keycloak Distribution That Lets You Choose Your Cache

Locke is an Apache 2.0 distribution of Keycloak that ships with both embedded Infinispan and a Redis cache backend, selectable at boot with KC_CACHE. Here is why we built it…

Guilliano Molaire Guilliano Molaire 6 min read
Tutorials

Keycloak as a SAML Service Provider: The Complete Guide

Configure Keycloak as a SAML 2.0 Service Provider: identity brokering, metadata exchange, assertion validation, attribute mapping, and common SP errors.

Guilliano Molaire Guilliano Molaire 13 min read
Cross-Region Identity Replication: Global Authentication Architecture
Tutorials

Configuring MFA in Keycloak: Enterprise Patterns

A practical guide to configuring MFA in Keycloak, covering OTP policies, WebAuthn, conditional flows, client-specific overrides, and token-based MFA detection.

Guilliano Molaire Guilliano Molaire 13 min read
Tutorials

Monitoring Keycloak with Prometheus and Grafana

Monitor Keycloak with Prometheus and Grafana: enable metrics, track authentication KPIs, build dashboards, and define SLOs for your identity stack.

Guilliano Molaire Guilliano Molaire 9 min read
Authentication Error Handling: User Experience and Security Balance
Tutorials

Authentication Error Handling in Keycloak: Customizing Error Pages and User Experience

Learn how to customize Keycloak error pages, handle OAuth/OIDC errors in your app, and configure brute force protection for secure,…

Guilliano Molaire Guilliano Molaire 11 min read
Definition and Basics

Third-Party Cookies, FedCM, and What Breaks in Keycloak.js

How third-party cookie deprecation breaks Keycloak's silent SSO and session checks in keycloak.js, what FedCM is, and how to keep…

Guilliano Molaire Guilliano Molaire 13 min read
security

Keycloak CAEP & Shared Signals: Continuous Access Evaluation

What CAEP and the Shared Signals Framework are, where Keycloak's experimental SSF support stands (targeting v26.7.0), and how to approximate…

Guilliano Molaire Guilliano Molaire 9 min read
comparisons

Keycloak vs WorkOS: B2B SSO Compared

Keycloak vs WorkOS for B2B SaaS: open-source self-hosted IdP vs a managed enterprise-SSO API. Licensing, SSO/SCIM, control, and cost model…

Guilliano Molaire Guilliano Molaire 10 min read
comparisons

Keycloak vs WorkOS: B2B SSO Compared

Keycloak vs WorkOS for B2B SaaS: open-source self-hosted IdP vs a managed enterprise-SSO API. Licensing, SSO/SCIM, control, and cost model…

Guilliano Molaire Guilliano Molaire 10 min read
comparisons

Keycloak vs AWS IAM Identity Center: Workforce SSO Compared

Keycloak vs AWS IAM Identity Center compared: scope, AWS-account permission sets, hosting, cost, and why teams often federate Keycloak into…

Guilliano Molaire Guilliano Molaire 9 min read
1 2 3 21

Stay ahead on identity & security

Get tutorials, product updates, and Keycloak tips delivered to your inbox.

Start Free Trial Talk to Sales
© 2026 Skycloak. All Rights Reserved. Design by Yasser Soliman