How to secure your Microservices with Keycloak - Thomas Darimont 

One of the best explanation of SSO in Keycloak using OIDC I've ever seen

02:22 Overview 05:28 Features 09:02 Main Concepts 11:48 Quick Tour - Admin Console 12:43 Admin Console Demo - Configure 19:00 Admin Console Demo - Manage 20:12 Technology Stack 22:04 Server Architecture 24:59 SSO with OIDC 29:34 Keycloak Tokens 33:22 JSON Web Tokens 34:42 JWT Example 36:39 Calling Backend Services with Access Token 39:17 Keycloak Client Integrations 41:25 Keycloak Demo - Securing Apps 41:28 Demo Environment 41:54 Demo Services 45:35 Demo Applications 47:10 Github Repository 47:55 Keycloak in the field 51:54 Summary 53:05 Keycloak Extension Playground

Finaly i got best of explanation about SSO with Keycloak big thanks

Great demo! I learned a lot of stuff, not just keycloak. I kinda feel that Keycloak can be a great substitute for Auth0.

Awesome presentation. Thanks Thomas :D

Thanks a lot Thomas. One of the best sessions I watched in recent times. Very informative. Learned a lot. Will definitely give a try.

This was great!!! Completely answered questions I had about backend validating tokens

Hat's off to you Thomas; truly great insight on KeyCloak and its capabilities. I was badly looking for AD/ADFS integration and was not getting right pointers. Thank you very much; you are a great professional !!!

Great introduction! Thank you Thomas!

A very good introduction and overview! Just what I was looking for to start with Keycloak! Vielen Dank!!

Simply awesome. Thank you so much!

Thanks. Well prepared, well presented, Informative demo and presentation. Learned a lot in this session.

Thank you very much. That was a great session

i love it how he pronounces single sign on as "sing a song"

Great. A very useful demo covering almost everything that we need to secure applications using Keycloak. Thanks a lot.

great info and very good demo! thanks thomas!

Awesome Video! Very helpful content. You also did a great job explaining! Thank you!

Great talk. Thanks, Thomas.

Hello, thanks a lot for the great presentation. Just to add, if you want the ability to revoke Access Tokens before they expire, you can use the introspection endpoint instead of checking the signature.

Great Demo!!!Learned a lot Requesiting for few more videos on keycloak with indepth explanation to expertise in keycloak

Thanks for summing up a lot of info within an hour!

This looks awesome! Thank you!

Great demo ! Thanks

Great talk! Thanks

Simply Awesome

Very informative tutorial. Many concepts are clearly explained. I played the video at the speed of 0.75x.

Quite amazing!

Spectacular Demo

Great Demo!!

Great talk!

Nice presentation.

that's realy great

Keycloak helped us in our application. The only downside i have seen is that there are many options and you need good jargon knowledge.

For anyone curious as to why they cannot find Keycloak Gatekeeper anymore, it was moved out of the Keycloak governance group earlier in 2020. Details can be found here: groups.google.com/forum/#!topic/keycloak-dev/oDyw94BWxM0

Thanks for the useful video. I am facing configuring public IP addresses on keycloak. would you mind telling if any specific configuration needs to be noted?

Can we add into the access token, the location of the original request? Like, the application where the login was initiated from?

Do we need to define security constraint in application.yml?

Thanks, great demo. I have a question, I've my react-front and back-spring-api securized with keycloak. Why when I logout from react-app or close all session in keycloak admin console before that the token expire, I still can call rest api backend using the previous token generated at login moment (postman)? *backend-spring-api config* _"client-id": "my-public-client",_ _"bearer-only": true,_ _"auth-server-url": "localhost:8180/auth",_ _"realm": "my-realm"_

Let's say it's an Order API and I want to see only my Order and I should not have access to modify my Order. However, a Sales Agent can. Is it possible using keycloak?

noice

hi, you are doing great job, if posible please make tutorilas on flask keycloak integration.. thank you

Unfortunately this is the old keycloak version. Many things have changed, especially the UI.

Right?

Great! Really impressive! Now rewrite it in golang! Basically every application I am dealing with need this functionality the problem is jboss, Jboss, or any other "container", it is orrible I dont wanna have it around never, at least rewrite it to run without jboss and will be ok for me.

46:55 "Zack" hehe

Where can I find the slides?

Bye bye Auth0