Keycloak Reviews

i like the way we can customise it according to our ease and requirements. with the single sign in only we can get the acces of all the applications running on the keyclaok we need not to login for each application individually.the apis are opensource and freely available with its user interface to navigate through all the roles, groups and users. i am currently using it in my application as a tool for giving the screen level access to the users based on their attributes and roles assigned to them. it handles everything perfectly and never goes down.its secure and provides token based authentication and authorisation to the applicantion with which it has integrated.i am currently using it with spring boot which is basically the java based framework and it works smoothly and perfectl and l like to use it instead of java authentication and authorisation techniques becaue its simple and easy to use without any complexity.

i am using it from last 2.5 years and i did not found anything wrong about keyclaok it works perfectly and i dont have any point to mention the dislikes of keyclaok its awesome tool.

i am a developer and i use keycloak to provide the authentication and role based authorisation to organisation's application . keycloak is benefiting me to use the predefined application to secure my applcation and providing helping as an awesome access management tool. as my company is fintech company and there are many roles like sales, credit manager and central ops etc. and we provide only limited screen access to each role so that everyone's work can be encapsulated and didnt get affected by anyones intervention. keycloak helps to solve this problem and very well which benefit the organisation to solve its access management problem.

defining policies and assigning roles to it

Using scope based implementation in keycloak

rather than using application-specific security rules, rather than for combined applications just by defining the same resources in keycloak

Its open source, extendable, functional, verry good support from email group

Documentation while good, is very short of what keycloak can do. It could possible do alot more. Also new relases are ver frequently.

Make a good research about what could you do. how are you gonna migrate the users, dont be afraid to use and build own spi tools,

Supporting multiple identity providers is the best option for us. Also, OIDC out of the box, password policies and brute force detection are very handy. If you implement keycloak to your organisation you receive enourmous options

The whole security service out of the box.

Session and Token Timeouts management is hard to validate changes

Fast integration with other systems.

User management, integration with Jira and Kibana

We are using it for authentication purpose.

Its little bit confusing and complex to setup.

Please use for authentication purpose keycloak

We are managing authentication using keycloak.

The ui is easy to use and it's easy to deploy.

If running keycloak as a docker container, sometimes it doesn't start and then it's little difficult to troubleshoot

Recommended as useful tool

Best SSO tool and easy to integrate with grafana, Elk etc

Keycloak is an open source identity provider

support all oauth flows

rich community

easy to learn

you can plug your own features

I wanted to contribute in keycloak community the request take too much time to be reviewed

Keycloak is easy to use and follow the standards of oauth

single sign on with multiple applications

user authentication using access token

The handling of user in UI and that will make the work easier.

Management of realms outside using code is complexity

Authentication and authorisation and i am getting benefits of managing user in UI easily

The tool has a clean and easy to access admin console. Good resources and clear documentation help in using the tool quickly and to its best. Ability to write REST APIs to manage the user groups and permissions help in managing better.

Nothing to dislike overall. Had some trouble finding things in documentation to help write some APIs for the tool. But after some longer search, I could find some help either from official documentation or through other resources like stackoverflow. So maybe that's something you could improve on in having better structured documentation for Java APIs.

It is a very good product for the uses that we were looking for.

We have setup keycloak to manage the login authentication and manage user role permissions. It works perfect for our requirements. Was easy to setup a keycloak server and administrate the user accounts and permissions to various resources in the system.

You can united the all services and applications with the same authentication way using keycloack.

Also key cloak give you many implemented option to handle access and roles .

The UI is very helpful and usable

In some old versions I faced issues that the configuration is reset automatically, after I update it this issue is solved.

The main problem i faced that I need a way to handle authentication for a lot of existing applications and new ones, so keycloak solved this issue.

It is also give me already implemented solution for user management which I can share with the business admin and I can give him access to manage user since the UI is already implemented .