39 lines
2.2 KiB
Markdown
Executable file
39 lines
2.2 KiB
Markdown
Executable file
keycloak
|
|
========
|
|
|
|
Please visit [http://keycloak.org](http://keycloak.org) for more information on Keycloak including how to download, documentation,
|
|
and video tutorials.
|
|
|
|
Keycloak is an SSO Service for web apps and REST services.
|
|
It can be used for social applications as well as enterprise applications. It is based on OpenID Connect with support for SAML 2.0 as well.
|
|
Here's some of the features:
|
|
|
|
* SSO and Single Log Out for browser applications
|
|
* Social Broker. Enable Google, Facebook, Yahoo, Twitter social login with no code required.
|
|
* Optional LDAP/Active Directory integration
|
|
* Optional User Registration
|
|
* Password and TOTP support (via Google Authenticator or FreeOTP). Client cert auth coming soon.
|
|
* User session management from both admin and user perspective
|
|
* Customizable themes for user facing pages: login, grant pages, account management, emails, and admin console all customizable!
|
|
* OAuth Bearer token auth for REST Services
|
|
* Integrated Browser App to REST Service token propagation
|
|
* Admin REST API
|
|
* OAuth 2.0 Grant requests
|
|
* CORS Support
|
|
* CORS Web Origin management and validation
|
|
* Completely centrally managed user and role mapping metadata. Minimal configuration at the application side
|
|
* Admin Console for managing users, roles, role mappings, applications, user sessions, allowed CORS web origins, and OAuth clients.
|
|
* Deployable as a WAR, appliance, or an Openshift cloud service (SaaS).
|
|
* Supports JBoss AS7, EAP 6.x, Wildfly, Tomcat, and Jetty applications. Plans to support Node.js, RAILS, GRAILS, and other non-Java applications.
|
|
* Javascript/HTML 5 adapter for pure Javascript apps
|
|
* Session management from admin console
|
|
* Revocation policies
|
|
* Password policies
|
|
* OpenID Connect Support
|
|
* SAML Support
|
|
* Token claim and SAML assertion mappings, role name mappings, etc. Ability to configure exactly what information you want in your tokens and SAML documents
|
|
* IDP brokering or chaining. You can set up Keycloak to be a child IDP to another SAML or OIDC IDP.
|
|
* Kerberos bridging. Logged in Kerberos users can access Keycloak SAML or OIDC applications via our Kerberos bridge.
|
|
|
|
Please visit [http://keycloak.org](http://keycloak.org) for more information on Keycloak including how to download, documentation,
|
|
and video tutorials.
|