Overview
Our application should make it possible for users to authenticate using a centralized identity provider instead of relying on a custom-built authentication mechanism.
To achieve this, we integrate Keycloak as an external Identity and Access Management solution. This enables users to log in either with locally managed credentials or via third-party providers such as Google or GitHub using standardized protocols like OpenID Connect (OIDC) and OAuth 2.0.
This will remove the application's own authentication logic, reducing implementation complexity and minimizing the security risks associated with handling credentials, password storage, and authentication flows.
Authentication responsibilities are fully delegated to Keycloak, while the application focuses on business logic and authorization decisions based on the issued tokens.