Keycloak success stories from the OpenShift Commons Gathering, Amsterdam 2023.

2023년 5월 15일Valentina Rodriguez Sosa2분 읽기

OpenShift Commons Gathering included two talks about Keycloak, an open-source identity and access management solution for modern applications and services, built on top of industry security standard protocols.

The following topics were discussed:

Keycloak: the Open Source IAM for Modern Applications
Keycloak for Securing APIs a Case Study

Keycloak: the Open Source IAM for Modern Applications

This first talk was about how to secure applications by taking advantage of authentication and authorization mechanisms with all the flexibility you need and in a streamlined way.

The speaker, Alexander Schwartz, has worked with Keycloak for eight years; he’s now a part of the Engineering Team at Red Hat. Alexander presented an overview of the main functionalities of Keycloak to make applications secure by taking advantage of robust protocols such as OpenID Connect and OAUTH 2.0.

Alexander focuses on AuthZ and AuthN functionalities that are critical for applications to ensure that any access has been validated for authentication and authorization before accessing the application. Keycloak gives flexibility to developers, who can integrate with different enterprise mechanisms, such as any stores from LDAP to relational databases. Additionally, it provides features to strengthen security, such as Forget Password, One Time Password, and Update Password Policies.

Some of the highlights are:

Administrators can control the functionality by accessing a UI or a REST API, such as forgetting a password, remembering me, or enabling user registration.
Keycloak supports User Federation and Identity Brokering.
Enable continuous everything by exporting and importing realms, accessing REST API and CLI.
Keycloak can be used in any cloud or non-cloud environment.

Keycloak for Securing APIs a Case Study

The speaker, Yuichi Nakamura, Ph.D. Hitachi, Ltd. Director, shared challenges finding a robust solution for APIs that run everywhere. The speaker focused on a Japanese bank case that required a robust and comprehensive solution for API management solutions for containers on OpenShift.

Some of the highlights are:

How security is necessary to secure any API access from different systems and users.
A security mechanism is implemented with Keycloak based on token generation supporting different protocols.
High-level security is required, especially for the financial and public sectors.
FAPI (Financial grade API) is a security profile described as getting attention globally and integrated with OAUTH 2.0 and OpenID.

undefined-May-10-2023-04-50-32-2489-PM

Learn more about this security profile on the case study:

저자 소개

Valentina Rodriguez Sosa

Principal Technical Marketing Manager

Valentina Rodriguez is a Principal Technical Marketing Manager at Red Hat, focusing on the developer journeys in OpenShift and emerging technologies. Before this role, she worked with high-profile customers, helping them adopt new technologies, and worked closely with developers and platform engineers. Her background is in software engineering. She built software for 15 years, working in diverse roles from Developer to Tech Lead and Architect, from retail, healthcare, financial, e-commerce, telco, and many other industries. She loves contributing to the community and the industry and has spoken at conferences such as O'Reilly, KubeCon, Open Source Summit, Red Hat DevNation Day, and others. She's very passionate about technology and has been pursuing several certifications in this space, from frameworks to Kubernetes and project management. She possesses a Master's in Computer Science and an MBA.

Read full bio