Building secure applications with keycloak (OIDC/JWT)
Building an enterprise level single sign-on application with the help of keycloak (Open Source Identity and Access Management).
And understanding the way to secure your application; frontend & backend API’s. Managing user federation with minimum configuration.
Overview to Keycloak (Open Source Identity and Access Management)
- Concepts: realm, client ID configuration, OIDC/SAML, security etc
- Keycloak adapters (which & why?)
- Understanding Json Web Token (JWT).
- Integrating frontend(Angular/React) with keycloak adapter.
- JWT Validation at backend & securing API end-points
- Access token/refresh token
I am Abhishek Koserwal, working as full-stack engineer at Redhat. Building full-stack applications (angular/react, spring-boot) based on principles of cloud native container design principles on Openshift platform. Invovles various redhat external/internal business application. We heavily use keycloak for securing our enterprise applications & implemented in production application.