One of the best explanation of SSO in Keycloak using OIDC I've ever seen

02:22 Overview 05:28 Features 09:02 Main Concepts 11:48 Quick Tour - Admin Console 12:43 Admin Console Demo - Configure 19:00 Admin Console Demo - Manage 20:12 Technology Stack 22:04 Server Architecture 24:59 SSO with OIDC 29:34 Keycloak Tokens 33:22 JSON Web Tokens 34:42 JWT Example 36:39 Calling Backend Services with Access Token 39:17 Keycloak Client Integrations 41:25 Keycloak Demo - Securing Apps 41:28 Demo Environment 41:54 Demo Services 45:35 Demo Applications 47:10 Github Repository 47:55 Keycloak in the field 51:54 Summary 53:05 Keycloak Extension Playground

Thanks a lot Thomas. One of the best sessions I watched in recent times. Very informative. Learned a lot. Will definitely give a try.

Hat's off to you Thomas; truly great insight on KeyCloak and its capabilities. I was badly looking for AD/ADFS integration and was not getting right pointers. Thank you very much; you are a great professional !!!

Great demo! I learned a lot of stuff, not just keycloak. I kinda feel that Keycloak can be a great substitute for Auth0.

Hello, thanks a lot for the great presentation. Just to add, if you want the ability to revoke Access Tokens before they expire, you can use the introspection endpoint instead of checking the signature.

Thanks. Well prepared, well presented, Informative demo and presentation. Learned a lot in this session.

This was great!!! Completely answered questions I had about backend validating tokens

Finaly i got best of explanation about SSO with Keycloak big thanks

Great. A very useful demo covering almost everything that we need to secure applications using Keycloak. Thanks a lot.

Thanks for summing up a lot of info within an hour!

Very informative tutorial. Many concepts are clearly explained. I played the video at the speed of 0.75x.

Great talk. Thanks, Thomas.

i love it how he pronounces single sign on as "sing a song"

A very good introduction and overview! Just what I was looking for to start with Keycloak! Vielen Dank!!

Great talk!

Awesome presentation. Thanks Thomas :D

Great Demo!!!Learned a lot Requesiting for few more videos on keycloak with indepth explanation to expertise in keycloak

Spectacular Demo

Great demo ! Thanks

Great introduction! Thank you Thomas!

Thanks for the useful video. I am facing configuring public IP addresses on keycloak. would you mind telling if any specific configuration needs to be noted?

Nice presentation.

Thank you very much. That was a great session

This looks awesome! Thank you!

Quite amazing!

Where can I find the slides?

Awesome Video! Very helpful content. You also did a great job explaining! Thank you!

Keycloak helped us in our application. The only downside i have seen is that there are many options and you need good jargon knowledge.

great info and very good demo! thanks thomas!

Simply awesome. Thank you so much!

Simply Awesome

Can we add into the access token, the location of the original request? Like, the application where the login was initiated from?

Let's say it's an Order API and I want to see only my Order and I should not have access to modify my Order. However, a Sales Agent can. Is it possible using keycloak?

that's realy great

Do we need to define security constraint in application.yml?

Unfortunately this is the old keycloak version. Many things have changed, especially the UI.

Great talk! Thanks

For anyone curious as to why they cannot find Keycloak Gatekeeper anymore, it was moved out of the Keycloak governance group earlier in 2020. Details can be found here: groups.google.com/forum/#!topic/keycloak-dev/oDyw94BWxM0

Great Demo!!

Right?

46:55 "Zack" hehe

Thanks, great demo. I have a question, I've my react-front and back-spring-api securized with keycloak. Why when I logout from react-app or close all session in keycloak admin console before that the token expire, I still can call rest api backend using the previous token generated at login moment (postman)? *backend-spring-api config* _"client-id": "my-public-client",_ _"bearer-only": true,_ _"auth-server-url": "localhost:8180/auth",_ _"realm": "my-realm"_

hi, you are doing great job, if posible please make tutorilas on flask keycloak integration.. thank you

noice

Great! Really impressive! Now rewrite it in golang! Basically every application I am dealing with need this functionality the problem is jboss, Jboss, or any other "container", it is orrible I dont wanna have it around never, at least rewrite it to run without jboss and will be ok for me.

Bye bye Auth0