Access management

Provide secure and streamlined access to applications
and services through single sign-on.

Keycloak

The Access Management layer relies on Keycloak, which is an open-source authentication and authorization tool that provides single sign-on (SSO) capabilities for web applications and RESTful web services. It supports various authentication protocols, including OpenID Connect (OIDC), OAuth 2.0, and SAML, making it a versatile tool that is easily integrable even in complex environments with different applications and services.

To strengthen the security and independence of the whole solution, we developed a custom multi-factor authenticator (MFA) with push notifications and multiple security levels that can run either on your premises or in the cloud.

Combining MidPoint and Keycloak creates a complete IGA solution for an organization. MidPoint handles the entire identity lifecycle and authorizations thanks to the advanced RBAC model. At the same time, Keycloak can provide secure and streamlined access to applications and services through single sign-on or via a fully customizable authentication interface that will meet your company branding manual.

We took the integration between these two essential tools even further. To achieve a higher security level, we suggest locking midPoint behind the firewall, making Keycloak the only contact point. To enable this, we implemented a password synchronization mechanism that lets users change or reset passwords on the access management layer and provisions the new passwords to the identity management layer for further distribution.

Why is Keycloak an outstanding tool for managing access in your organization with ease?

Open-Source

Keycloak is open-source software that is available for free. Its source code is available on GitHub, which means it can be customized and extended to meet specific requirements.

Easy to use

It is designed to be easy to use and integrate with existing applications. It provides a web-based administrative console that simplifies the configuration of SSO, user management, and other security-related tasks.

Supports various protocols

All popular SSO protocols such as OpenID Connect, SAML 2.0, and OAuth 2.0 are supported, which makes it easy to integrate with different types of applications and services.

Customizable

Keycloak allows you to customize the user interface, branding, and theme to match your organization’s look and feel. You can also create custom user attributes and roles to meet specific business requirements.

Security-focused

Keycloak provides various security features such as two-factor authentication, brute-force detection, and password policies to ensure the security of user credentials.

Scalable

Keycloak is designed to be scalable and can handle thousands of users and applications. It provides a clustering feature that allows you to deploy multiple Keycloak instances to handle high traffic and ensure high availability.

Red Hat SSO

If you prioritize enterprise-level support over the latest features, Red Hat SSO may be a better choice.

The key difference between Red Hat SSO and Keycloak is the level of support and the features offered. Red Hat SSO offers enterprise-level support and product stability but might lack the latest features. It is for those who prioritize safety.

Red Hat SSO also integrates with other Red Hat products, such as Red Hat OpenShift and Red Hat Fuse.
