Open source identity and access management for adding authentication, user federation, and authorization
- Stars34.9k
- Forks8.5k
- Open Issues2.8k
Apache-2.0
- Java
- TypeScript
- FreeMarker
About Keycloak
Keycloak is open source identity and access management for modern applications and services. It helps add authentication with minimal effort and avoids the need to store or authenticate users in each application. It is built for securing services while centralizing identity handling.
It provides user federation, strong authentication, user management, and fine grained authorization. Keycloak supports OIDC and SAML, and can be run from a downloaded distribution or as a Docker image. The server startup command is kc start-dev.
Keycloak is licensed under the Apache License 2.0 and is a Cloud Native Computing Foundation incubation project. It ships as official downloads on the Keycloak website and as a container image on Quay. Self-hosting is a core deployment model, and the same distribution can run standalone or in a cluster.
Key features
- User federation for centralized identity
- Strong authentication and user management
- Fine grained authorization
- OIDC and SAML support
- Downloadable distribution and Docker image
Details
- First released
- 2013
- Platforms
- Web · Docker · CLI
- Deployment
- self-hostable · docker
- Protocols
- OIDC · SAML
- License
- Apache 2.0
- Governance
- CNCF incubation project