Core Java, Frameworks & Servers
Friday, 20. May 2016., 09:00
OAuth 2 and OpenID Connect have become standard for modern web applications, and mobile. We developers mostly use them when integrating our applications with REST API services provided by Facebook, Google, and the likes. If we knew how, we would happily use access token based authorisation with our own mobile, and web projects, but there used to be no easy open-source solution with usable admin UI and a full set of functionality. In this session we'll explain how OAuth 2, and OpenID Connect work. We'll show how Google, and Facebook make use of them, and how we can do the same with Keycloak. We'll show how simple it is to delegate a login form of our application to Keycloak, and to turn on support for self-registration of users, and out-of-the-box facilities like forgotten password recovery, self-service user profile management, grant management, or enable social login with Facebook, Google, and other popular services. This way we get a modern web application with Single Sign-On / Single Logout support, and an administrative UI for managing users, their groups, and roles.Session presenter Marko Strukelj is part of Keycloak core development team.