Summary of Securing apps and services with Keycloak authentication | DevNation Tech Talk

00:00:00 - 00:30:00

The video discusses how to secure applications and services using Keycloak authentication. It covers the various ways in which Keycloak can be integrated with other technologies, and provides a brief overview of the forgotten password and registration features.

• 00:00:00 Keycloak is an open source intensity and access management solution that is specifically designed for modern applications and api's. It's a ready to use out of box service that you can spin up separately to your applications to then secure them easily with little to no code needed. There are two main stream protocols for delegating authentication and security- Open ID Connect and Sam'l. Open ID Connect is simpler to deal with and it fits their modern needs better, while Sam'l works well for monolithic applications and applications that are third-party. How to secure your applications varies depending on the framework and language you are using, but Keycloak provides adapters for many languages and frameworks.
• 00:05:00 In this video, DevNation Tech Talk presenter Kiko Dr. shows how to securely access applications and services with Keycloak authentication. Keycloak authentication is integrated into several popular frameworks, and Kiko provides adapters for Node.js, Spring, and Java EE.
• 00:10:00 This video discusses how to secure applications and services with Keycloak authentication. One approach is to use the same concept for monolithic applications and services that want to invoke external services. The service side is that the service can verify the access token using the key talk server and key cog server. If the token is valid, the service can use the public key to verify the signature. There is a bit of a window after the user logs out until the token expires. The offline approach has a longer window, but has the advantage of not requiring the user to be logged in all the time. The online approach has the disadvantage of requiring a logout from a user or disabled user. With Keycloak, it is easy to switch between different languages and implementations of end-to-end user authentication.
• 00:15:00 The video discusses ways to secure applications and services with Keycloak authentication. Keycloak needs to be configured and the JavaScript adapter needs to be initialized. Once configured, the public and secure endpoints can be invoked. The application needs to be created with the correct realm and kind ID, and the key code and JavaScript adapter need to be configured.
• 00:20:00 The video demonstrates how to secure an application with Keycloak authentication. OpenShift is used to demonstrate how the authentication can be configured.
• 00:25:00 The video discusses how Keycloak authentication works and what features are available. It also covers how to enable forgotten password and registration features.
• 00:30:00 The presenter discusses the various features of Keycloak authentication, which enables secure access to apps and services. They discuss the various ways in which Keycloak can be integrated with other technologies, including Active Directory. They conclude the talk with a brief Q&A session.