Keycloak is an open-source project for identity and access management (IAM). It provides user federation, strong authentication, user management, authorization, and more. Keycloak is based on standard protocols and supports OpenID Connect, OAuth 2.0, and SAML.
Single Sign-On: Users authenticate through Keycloak instead of individual apps, eliminating the need for separate login forms and user management. Once logged in to Keycloak, users can access all connected apps without reauthenticating. Logout is also centralized—logging out of Keycloak logs users out of all linked apps.
Identity brokering and social login – Add social login or connect existing OpenID Connect/SAML 2.0 identity providers via the admin console. No code changes are required.
User federation – Keycloak supports LDAP and Active Directory integration and allows custom providers for other user stores like relational databases.
Admin console – Admins can centrally manage Keycloak, including features, identity brokering, user federation, applications, authorization policies, users, and sessions.
Account management console – Users can update profiles, change passwords, set up two-factor authentication, manage sessions, view history, and link accounts with additional identity providers.
Keycloak is available for free download on GitHub.
Must read: