keycloak-scim/topics/overview/features.adoc

30 lines
1.8 KiB
Text
Raw Normal View History

2016-05-12 21:48:03 +00:00
=== Features
2016-06-02 06:35:09 +00:00
* Single-Sign On and Single-Sign Out for browser applications
* OpenID Connect support.
* OAuth 2.0 support.
* SAML support.
* Identity Brokering - Authenticate with external OpenID Connect or SAML Identity Providers.
* Social Login - Enable login with Google, GitHub, Facebook, Twitter, and other social networks.
* User Federation - Sync users from LDAP and Active Directory servers.
* Kerberos bridge - Automatically authenticate users that are logged-in to a Kerberos server.
* Admin Console for central management of users, roles, role mappings, clients and configuration.
* Account Management console that allows users to centrally manage their account.
* Theme support - Customize all user facing pages to integrate with your applications and branding.
* 2nd Factory Authentication - Support for TOTP/HOTP via Google Authenticator or FreeOTP
* Login flows - optional user self-registration, recover password, verify email, require password update, etc.
* Session management - Admins and users themselves can view and manage user sessions.
* Token mappers - Map user attributes, roles, etc how you want into tokens and statements.
* Not-before revocation policies per realm, application and user.
* CORS support - Client adapters have built-in support for CORS
{% if book.community %}
* Service Provider Interfaces (SPI) - A number of SPIs to enable customizing various aspects of the server. Authentication flows, user federation providers,
protocol mappers and many more.
* Client adapters for JavaScript applications, WildFly, JBoss EAP, Fuse, Tomcat, Jetty, Spring, etc.
{% endif %}
{% if book.product %}
* Client adapters for JavaScript applications, JBoss EAP, Fuse, etc.
{% endif %}
* Supports any platform/language that has an OpenID Connect Resource Provider library or SAML 2.0 Service Provider library