2013-07-02 13:38:51 +00:00
keycloak
========
2014-08-20 12:49:42 +00:00
Please visit [http://keycloak.org ](http://keycloak.org ) for more information on Keycloak including how to download, documentation,
2014-08-20 12:50:24 +00:00
and video tutorials.
Keycloak is an SSO Service for web apps and REST services.
2014-10-22 20:21:46 +00:00
It can be used for social applications as well as enterprise applications. It is based on OpenID Connect with support for SAML 2.0 as well.
2014-08-20 12:49:42 +00:00
Here's some of the features:
* SSO and Single Log Out for browser applications
* Social Broker. Enable Google, Facebook, Yahoo, Twitter social login with no code required.
* Optional LDAP/Active Directory integration
* Optional User Registration
2014-11-10 22:11:07 +00:00
* Password and TOTP support (via Google Authenticator or FreeOTP). Client cert auth coming soon.
2014-08-20 12:49:42 +00:00
* User session management from both admin and user perspective
* Customizable themes for user facing pages: login, grant pages, account management, emails, and admin console all customizable!
* OAuth Bearer token auth for REST Services
* Integrated Browser App to REST Service token propagation
* Admin REST API
* OAuth 2.0 Grant requests
* CORS Support
* CORS Web Origin management and validation
* Completely centrally managed user and role mapping metadata. Minimal configuration at the application side
* Admin Console for managing users, roles, role mappings, applications, user sessions, allowed CORS web origins, and OAuth clients.
* Deployable as a WAR, appliance, or an Openshift cloud service (SaaS).
2014-11-10 22:11:07 +00:00
* Supports JBoss AS7, EAP 6.x, Wildfly, Tomcat, and Jetty applications. Plans to support Node.js, RAILS, GRAILS, and other non-Java applications.
2014-08-20 12:49:42 +00:00
* Javascript/HTML 5 adapter for pure Javascript apps
* Session management from admin console
* Revocation policies
* Password policies
* OpenID Connect Support
2014-10-22 20:21:46 +00:00
* SAML Support
2015-03-12 22:13:05 +00:00
* Token claim and SAML assertion mappings, role name mappings, etc. Ability to configure exactly what information you want in your tokens and SAML documents
* IDP brokering or chaining. You can set up Keycloak to be a child IDP to another SAML or OIDC IDP.
* Kerberos bridging. Logged in Kerberos users can access Keycloak SAML or OIDC applications via our Kerberos bridge.
2014-08-20 12:49:42 +00:00
Please visit [http://keycloak.org ](http://keycloak.org ) for more information on Keycloak including how to download, documentation,
and video tutorials.