Keycloak: Identity and Access Management for Modern Applications: Harness the power of Keycloak, OpenID Connect, and OAuth 2.0 protocols to secure applications

June 13, 2021
Keycloak: Identity and Access Management for Modern Applications: Harness the power of Keycloak, OpenID Connect, and OAuth 2.0 protocols to secure applications

Learn to leverage the advanced capabilities of Keycloak, anopen-source identity and access management solution, to enableauthentication and authorization in applicationsKey FeaturesGet up to speed with Keycloak, OAuth 2.0, and OpenID Connectusing practical examplesConfigure, manage, and extend Keycloak for optimizedsecurityLeverage Keycloak features to secure different applicationtypesBook DescriptionImplementing authentication and authorization for applicationscan be a daunting experience, often leaving them exposed tosecurity vulnerabilities. Keycloak is an open-source solution foridentity management and access management for modernapplications.Keycloak - Identity and Access Management for ModernApplications is a comprehensive introduction to Keycloak, helpingyou get started with using it and securing your applications.Complete with hands-on tutorials, best practices, andself-assessment questions, this easy-to-follow guide will show youhow to secure a sample application and then move on to securingdifferent application types. As you progress, you will understandhow to configure and manage Keycloak as well as how to leveragesome of its more advanced capabilities. Finally, you'll gaininsights into securely using Keycloak in production.By the end of this book, you will have learned how to installand manage Keycloak as well as how to secure new and existingapplications.What you will learnUnderstand how to install, configure, and manage KeycloakSecure your new and existing applications with KeycloakGain a basic understanding of OAuth 2.0 and OpenID ConnectUnderstand how to configure Keycloak to make it ready forproduction useDiscover how to leverage additional features and how tocustomize Keycloak to fit your needsGet to grips with securing Keycloak servers and protectingapplicationsWho this book is forDevelopers, sysadmins, security engineers, or anyone who wantsto leverage Keycloak and its capabilities for application securitywill find this book useful. Beginner-level knowledge of appdevelopment and authentication and authorization is expected.Table of ContentsGetting Started with KeycloakSecuring Your First ApplicationBrief Introduction to StandardsAuthenticating Users with OpenID ConnectAuthorizing Access with OAuth 2.0Securing Different Application TypesIntegrating Applications with KeycloakAuthorization StrategiesConfiguring Keycloak for ProductionManaging UsersAuthenticating UsersManaging Tokens and SessionsExtending KeycloakSecuring Keycloak and ApplicationsAbout the AuthorStian Thorgersen started his career at Arjuna Technologiesbuilding a cloud federation platform, years before most companieswere even ready for a single-vendor public cloud. He later joinedRed Hat, looking for ways to make developers' lives easier, whichis where the idea of Keycloak started. In 2013, Stian co-foundedthe Keycloak project with another developer at Red Hat.Today, Stian is the Keycloak project lead and is also the topcontributor to the project. He is still employed by Red Hat as asenior principal software engineer focusing on identity and accessmanagement, both for Red Hat and for Red Hat's customers.In his spare time, there is nothing Stian likes more thanthrowing his bike down the mountains of Norway.Pedro Igor Silva is a proud dad of amazing girls. He started hiscareer back in 2000 at an ISP, where he had his first experienceswith open source projects such as FreeBSD and Linux, as well as aJava and J2EE software engineer. Since then, he has worked indifferent IT companies as a system engineer, system architect, andconsultant.Today, Pedro Igor is a principal software engineer at Red Hatand one of the core developers of Keycloak. His main area ofinterest and study is now IT security, specifically in theapplication security and identity and access management spaces.In his non-working hours, he takes care of his plantedaquariums.