George Thomas

IAM Engineer at Skycloak

George is an IAM engineer with 23+ years in software engineering, including 14+ years specializing in identity and access management. He designs and modernizes enterprise IAM platforms with deep expertise in Keycloak, OAuth 2.0, OpenID Connect, SAML, and identity federation across cloud and hybrid environments. Previously at Trianz and a long-term contributor to Entrust IAM product engineering, George authors Skycloak's technical Keycloak tutorials.

21 articles published

Keycloak Identity and Access Management OAuth 2.0 OpenID Connect SAML Identity Federation IAM Architecture SSO

Articles by George Thomas

Keycloak CI/CD with GitHub Actions and Terraform

March 24, 2026 3 min read

Learn how to automate Keycloak using Terraform and GitHub Actions. Build a CI/CD pipeline with secure secrets, plan, and apply…

Keycloak Configuration as Code with Terraform

March 24, 2026 3 min read

Learn how to manage Keycloak using Terraform with Configuration as Code. Step-by-step guide with client setup, roles, and best practices.

Client Credentials Flow with Skycloak and Node.js

March 17, 2026 3 min read

Learn Client Credentials flow using Skycloak and Node.js. Implement secure machine-to-machine authentication with practical examples.

DPoP with Keycloak Admin API Using Node.js

February 26, 2026 6 min read

Implement DPoP proof-of-possession tokens with Keycloak Admin API using Node.js to prevent token replay attacks and secure API access.

Securing MCP Servers with Keycloak OAuth 2.0

February 5, 2026 6 min read

Learn how to secure Model Context Protocol (MCP) servers using Keycloak OAuth 2.0 with token introspection, audience validation, and RFC…

Using SCIM 2.0 with Skycloak (Managed Keycloak)

December 22, 2025 4 min read

Configure SCIM 2.0 in Keycloak using Skycloak with external JWT authentication for automated user provisioning and lifecycle management.

Secure React API Access Using Keycloak (OIDC + PKCE)

December 14, 2025 5 min read

Learn how to secure React API access with Keycloak using OIDC Authorization Code Flow and PKCE for browser-based single-page applications.

Forward Keycloak Events to SIEM via Skycloak HTTP Webhook

December 10, 2025 4 min read

Learn how to forward Keycloak authentication events, server logs, and security telemetry to your SIEM platform using Skycloak HTTP webhook…

Path-Based IP Restriction for Keycloak Admin Console

December 8, 2025 3 min read

Restrict Keycloak admin console access using IP and CIDR-based whitelisting on Skycloak to secure the /admin/* path from unauthorized access.

Fine-Grained Authorization in Keycloak Explained

December 5, 2025 4 min read

Understand how Keycloak fine-grained authorization works using UMA policies, scopes, and RPT or JSON-based decisions for secure resource access control.

1 2 3 Next