https://github.com/burkaydurdu/keycloak
Keycloak Structure
- Host: GitHub
- URL: https://github.com/burkaydurdu/keycloak
- Owner: burkaydurdu
- Created: 2021-12-07T22:59:52.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2021-12-10T21:21:35.000Z (over 4 years ago)
- Last Synced: 2025-10-26T23:34:12.311Z (8 months ago)
- Topics: authentication, authorization, keycloak
- Size: 11.7 KB
- Stars: 2
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# KEYCLOAK
Keycloak is an open source Identity and Access Management solution aimed at modern applications and services.
It makes it easy to secure applications and services with little to no code.
[About](https://www.keycloak.org/about)
## Parts of Keycloak
### Realm
> Think of a **realm** as a tenant. A realm is fully isolated from other realms,
it has its own configuration and its own set of applications and users.
This allows a single installation of Keycloak to be used for multiple purposes.
For example, you may want to have one realm for internal applications and employees,
and another realm for external applications and customers.
### Client
> Clients are entities that can request Keycloak to authenticate a user.
Most often, clients are applications and services that want to use
Keycloak to secure themselves and provide a single sign-on solution.
Clients can also be entities that just want to request identity
information or an access token so that they can securely invoke other
services on the network that are secured by Keycloak.
### Client Scopes
> When a client is registered, you must define protocol mappers and role scope mappings for that client.
It is often useful to store a client scope, to make creating new clients easier by sharing some common
settings. This is also useful for requesting some claims or roles to be conditionally based on the value of
the scope parameter. Keycloak provides the concept of a client scope for this.
## Authorization
- First, create a role: ``Roles > Add Role``.
- Go to the relevant ``client`` and click the **Authorization** tab.
- Create ``Authorization Scopes``, for example **scopes:create**, **scopes:viewer**, **scopes:update**.
- Create ``Policies``, for example **editor**, **viewer**, **editor or viewer**.
  - You must select the type **role**, then select a role when you are creating the scope.
- Create ``Resources``, for example **res:categories**.
  - You have to select the scopes **create, viewer, update**.
- Create ``Permissions``, for example **category-create**, **category-view**.
  - You have to select **Scope-Based**.
  - You must select a **resource**, a **scope**, and a **policy**.
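
The following is an added example, not code from this repository and not Keycloak's policy evaluator: a small local model of the objects created in the steps above, showing which scopes on **res:categories** a set of roles ends up with. The role names, the wiring of policies to permissions, and the "all attached policies must pass, otherwise deny" rule are assumptions.

```python
# Local model of the objects created in the steps above (constructed data).
# Role names and the policy-to-permission wiring are assumptions: the page
# names the objects but does not say how they are linked.
ROLE_POLICIES = {  # policy name -> roles that satisfy it
    "editor": {"editor"},
    "viewer": {"viewer"},
    "editor or viewer": {"editor", "viewer"},
}
RESOURCES = {"res:categories": {"scopes:create", "scopes:viewer", "scopes:update"}}
PERMISSIONS = [  # scope-based permission = resource + scopes + policies
    {"name": "category-create", "resource": "res:categories",
     "scopes": {"scopes:create"}, "policies": ["editor"]},
    {"name": "category-view", "resource": "res:categories",
     "scopes": {"scopes:viewer"}, "policies": ["editor or viewer"]},
]

def validate(permissions=PERMISSIONS):
    """Return wiring errors: unknown resource, scope or policy."""
    errors = []
    for p in permissions:
        known = RESOURCES.get(p["resource"])
        if known is None:
            errors.append(f"{p['name']}: unknown resource {p['resource']}")
            continue
        for s in sorted(p["scopes"] - known):
            errors.append(f"{p['name']}: scope {s} not on {p['resource']}")
        for pol in p["policies"]:
            if pol not in ROLE_POLICIES:
                errors.append(f"{p['name']}: unknown policy {pol}")
    return errors

def granted(user_roles, permissions=PERMISSIONS):
    """Map resource -> sorted scopes these roles obtain. Default is deny."""
    roles, result = set(user_roles), {}
    for p in permissions:
        known = RESOURCES.get(p["resource"], set())
        # Assumed rule: every attached policy must pass; none attached = deny.
        ok = bool(p["policies"]) and all(
            ROLE_POLICIES.get(pol, set()) & roles for pol in p["policies"])
        if ok:
            result.setdefault(p["resource"], set()).update(p["scopes"] & known)
    return {r: sorted(s) for r, s in result.items() if s}

def is_allowed(user_roles, resource, scope):
    return scope in granted(user_roles).get(resource, [])

if __name__ == "__main__":
    for roles in (["viewer"], ["editor"], []):
        print(roles, granted(roles))
```

In this model **scopes:update** is defined on the resource but no permission covers it, so it is denied for every role until a permission is added for it.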
## Dockerize
```
docker-compose up -d
```
``Admin Username: user``
``Admin Password: bitnami``
### Kubernetes
```
kubectl apply -f keycloak.yml
```
## References
[Keycloak - Identity and Access Management for Modern Applications](https://www.amazon.com/Keycloak-Management-Applications-protocols-applications/dp/1800562497)
[Keycloak Official Web Site](https://www.keycloak.org)