par Mathieu PASSENAUD | Fév 7, 2023 | Communauté, Gestion des Identités, Sécurité, SSO
You can use the SSH connection with OAuth2 authentication method to connect to Keycloak with SSH. This requires that you generate an SSH key pair and register it in your Keycloak account. You will then need to configure your SSH client to use the OAuth2 authentication...
par Mathieu PASSENAUD | Fév 7, 2023 | Gestion des Identités, Sécurité
From some times now (release 13.0) Keycloak supports device code flow which can be very usefull in some cases. The device code flow is an OAuth 2.0 authorization flow used by applications that cannot securely store a client secret, such as applications installed on...
par Mathieu PASSENAUD | Nov 15, 2022 | Communauté, SSO
Keycloak now supports Authentication Context Class Reference parameter for different Level of Authentication. It means that you can define different level of authentication in a single flow. oidc-bash Our partner please-open.it has open sourced a little tool called...
par Mathieu PASSENAUD | Nov 7, 2022 | Gestion des Identités, Sécurité, SSO
Client Initiated Backchannel Authentication (aka CIBA) and Keycloak how-to and tool. What is the goal ? People will think that method is close to device code authentication, a way to authenticate a user without a UI. Device code without a UI : no, device code needs a...
par Mathieu PASSENAUD | Mar 16, 2022 | Gestion des Identités, Sécurité, SSO
Transient sessions in Keycloak or how to save your cache performances ! Keycloak genrates a session on each user login and those sessions are replicated in Infinspan caches. Sometimes, you only need a token, not a session. In this article we will try to explain how to...
