What is an Identity management tool?

Simply it can be used as a security provider. We can delegate our security to a third party. It is just like hiring a security person or hiring a bodyguard.

What is the Keycloak framework?

• Open-source software
• Commercial offering available, RedHat SSO
• Java-based authentication and authorization server.
• Very easily integrated with Spring framework based applications.

Actually, the Keycloak framework is an authentication and authorization server that can be used to secure your applications. It has many features as I mentioned below. Only you need to configure functionalities, don't need to write code. So it will save your development time.

Features of the Keycloak framework

• Single sign-on and single sign-out
• Social login
• User federation (LDAP, Active directory)
• Centralized management with Admin console
• Standard protocols (OpenId connect 1.0, OAuth2.0, SAML 2.0)
• Easy setup and integration
• Customizable and extensible
• High performance

The technology stack of Keycloak framework

• Angular JS, Bootstrap, Freemaker, PatternFly
• REST Easy
• JPA, Jackson 2.x, Commons HTTP client, Wildfly

Token types of Keycloak

• Access token - a short-lived token that can be used for accessing resources
• Refresh token - a long-lived token that can be used to request a new token
• ID token - contains user information
• Offline token - refresh token that never expired

OAuth 2.0 flow on Keycloak