Category

security

Articles about security from the Skycloak team.

security

Keycloak Refresh Token Rotation: Setup and Best Practices

How to configure refresh token rotation in Keycloak: revoke-on-use, reuse detection, token lifetimes, SPA vs confidential clients, and security best…

Guilliano Molaire 11 min read
security

Keycloak UMA 2.0: User-Managed Resource Sharing

A practical guide to User-Managed Access (UMA 2.0) in Keycloak: the permission ticket flow, RPT tokens, resource sharing, and when…

Guilliano Molaire 11 min read
security

Keycloak Authorization Services: Policy Types Explained

Keycloak Authorization Services explained: resources, scopes, permissions, and every policy type (role, group, time, regex, JS, aggregate) and when to…

Guilliano Molaire 11 min read
security

The Keycloak Security Hardening Checklist

A practical Keycloak security hardening checklist: TLS, proxy and hostname config, brute-force defense, token and session settings, admin access, and…

Guilliano Molaire 10 min read
security

Keycloak Auditing & Event Logging: The Complete Guide

A complete guide to Keycloak auditing: login and admin events, event listeners, retention, SIEM forwarding, alerting, and security best practices.

Guilliano Molaire 16 min read
security

Keycloak CAEP & Shared Signals: Continuous Access Evaluation

What CAEP and the Shared Signals Framework are, where Keycloak's experimental SSF support stands (targeting v26.7.0), and how to approximate…

Guilliano Molaire 9 min read
security

Integrating Skycloak Security Logs Using Syslog

Learn how to forward Skycloak security logs to external SIEM platforms via syslog for centralized monitoring, alerting, and compliance.

Guilliano Molaire 8 min read
security

Securing Keycloak with Skycloak’s Configurable WAF

Learn how to configure Skycloak's built-in WAF to protect your Keycloak deployment from brute force attacks, credential stuffing, and DDoS…

Guilliano Molaire 8 min read
security

Geo-Blocking Your Keycloak Cluster Using Skycloak

Learn how to restrict access to your Keycloak cluster by country using Skycloak's built-in geo-blocking, reducing attack surface and meeting…

Guilliano Molaire 8 min read

© 2026 Skycloak. All Rights Reserved. Design by Yasser Soliman