Just configured my #keycloak to use a x509 client SSL certificate for authentication. Never entering a password again :clippy:

🗝️ Unlocking the mysteries of Docker Compose!

Check out my new article on installing Keycloak and give your apps the security they deserve. 🛡️

https://www.heyvaldemar.com/install-keycloak-using-docker-compose/

#devops #devsecops #kubernetes #cicd #k8s #linux #docker #sysadmin #keycloak #kubectl #microservices #aws

Distirbuted #keycloak with #cockroachdb

https://dantheengineer.com/keycloak-on-distributed-sql-cockroach-part-1-2/

Codethink has just published a simple extension for the FOSS single-sign-on solution Keycloak. It may have a very simple code-base, but adds important functionality: requiring our users to enable 2-factor authentication, but giving them the choice of method – time-based OTP or U2F with a Yubikey.

We hope other organisations find it useful in embedding security best practices into their workflows.

Have a look or contribute at: https://gitlab.com/CodethinkLabs/keycloak-provider-allow-otp-or-webauthn

#OpenSource #Keycloak #u2f #2fa

🌩️
Cloud Authentication Services

There is a sea of Cloud Auth / Identity management providers.

There was a time I used to roll my own, but as security is getting complicated, it seems for startups & small to medium businesses it is better to use a cloud auth provider.

Please share your thoughts on your experience with this as I look into this area.

So far I have come across:

#Cognito
#Auth0 (by Okta)
#Okta
#Firebase
#Supabase
#KeyCloak

#security
#authentication
#cloud

I just wrote a small article on my #techblog about how to integrate #opensource #keycloak as #openid provider on a simple #dotnet #aspnet #angular application.

Feedbacks welcome (especially if you have an idea about the SPA proxy routing thing)

https://blog.keda.re/blog/keycloak-aspnet-identity.html

#Heimdall (Dashboard)
#UptimeKuma (Monitoring)
#NginxReverseProxy (selbsterklärend)
#Odoo (Rechnungen und anderes)
#Paperless (Dokumentenmanagment)
#Keycloak (Authentifizierungsserver)

Hinzukommen soll noch ein #Wiki und ein #Forum. Am besten in einer Software.

Könnt ihr etwas Empfehlungen? NodeBB käme evtl. in Frage

Anyone have experience with #Authelia? (https://hub.docker.com/r/authelia/authelia)

Looking for a lightweight alternative to #Keycloak to handle auth for a self-hosted, containerized app. Keycloak itself is a 400MB+ image compressed...

KEYCLOAK "2+1" Starterpaket:
https://www.linkedin.com/feed/update/urn:li:share:7088129182034993152/

#keycloak #authentifzierung #oidc

I could probably make a little shim between #IndieAuth clients and #Keycloak to handle client lookup and registration. Not completely sure how IndieAuth clients would handle the redirect though (as it would be undoubtedly cross-subdomain)...

New #Video on my #YouTube channel: #Keycloak Migration and Upgrading #FAQ

https://www.youtube.com/watch?v=-2E5QSQTGtU

Mit #Keycloak bekommt #UCS einen neuen Standard #IdentityProvider für die sichere Authentifizierung von Nutzer*innen an IT-Diensten über das Internet per Single-Sign-on (#SSO).

Welche Funktionen mit dem neusten Release der UCS Keycloak-App bereitstehen und wie ihr die #Migration auf Keycloak einfach bewerkstelligt lest ihr in unserem Blogartikel:

https://www.univention.de/blog-de/2023/07/keycloak-neue-features/

I'm yet again stuck on my #Keycloak deployment. In our old Widlfly deployment, we had a plugin "JSON Remote claim Mapper for Keycloak" applied, but I'm failing to deploy it on latest Keycloak as it fails on the kc build step. Any tips appreciated.

I've started reading a bit about #IndieAuth -- for some reason, I started with the spec on W3.org, which makes more sense to me than a lot of stuff I've read but it also doesn't "feel" complete.

I'm wondering if I can configure #Keycloak to function sufficiently as an IndieAuth provider.

Hi! Interessiert an #Kubernetes, #Rancher, #microservices, #devops, #vmware #keintanzu😄 #servicemesh, #keycloak quasi #Greenfield Das Universitätsklinikum Heidelberg sucht minimum einen DevOps Admin, bisher noch keine Ausschreibung, aber Initiativbewerbung gerne gesehen. Kurze DM an mich und ich schick die genauen Kontaktdaten. Gerne auch Fragen schicken #job #Jobangebot #suchekollegen

The #keycloak team is looking for feedback about using the Keycloak Authorization Services and authorization use-cases in general.

You can help to improve the Authorization Support in Keycloak!

Survey: https://www.keycloak.org/2023/07/authorization-survey.html

Current #homelab projects:

- migrating everything off of my first and primary server to others do I can start over with SSD storage to replace the current failing disks
- slowly migrating service into HashiCorp #nomad
- moving secrets into HashiCorp #vault and eventually using #1password as the backend
- need to setup sso, should I use # #keycloak, #authelia, or #authentik?

Hello la team #admin !
Quelqu'un par ici aurait déjà essayé de configurer #friendica pour permettre l'authentification par #keycloak ? Comme ici:
https://perl.social

What do you use for SSO in your #homelab?

I'm currently using #Keycloak with #FreeIPA as an auth backend, but I find keycloak to be a pain to look after, and it's quite memory hungry.

I was looking at #authentik, and it seems interesting.

Today (02.07.2023) starting from 16:00 CEST we are going to do some maintenance work on pub.solar.

Affected services with short possible downtime:

🔑 Keycloak SSO (https://auth.pub.solar)
:gitea: Gitea (https://git.pub.solar)
🤖 Drone CI (https://ci.pub.solar)
✉️ Mailman (https://list.pub.solar)
🕸️ Website (https://pub.solar)

For updates on the maintenance, see our status page: https://stats.uptimerobot.com/G28ByiBg8j

#maintenance #selfhosting #PubSolar #forgejo #keycloak #mailman