You're reading from Keycloak - Identity and Access Management for Modern Applications Harness the power of Keycloak, OpenID Connect, and OAuth 2.0 protocols to secure applications

Product type Paperback

Published in Jun 2021

Publisher Packt

ISBN-13 9781800562493

Length 362 pages

Edition 1st Edition

Tools

Docker

Concepts

System Administration

Authors (2):

Pedro Igor Silva

Stian Thorgersen

View More author details

Table of Contents (21) Chapters

Preface

1. Section 1: Getting Started with Keycloak

2. Chapter 1: Getting Started with Keycloak FREE CHAPTER

3. Chapter 2: Securing Your First Application

4. Section 2: Securing Applications with Keycloak

5. Chapter 3: Brief Introduction to Standards

6. Chapter 4: Authenticating Users with OpenID Connect

7. Chapter 5: Authorizing Access with OAuth 2.0

8. Chapter 6: Securing Different Application Types

9. Chapter 7: Integrating Applications with Keycloak

10. Chapter 8: Authorization Strategies

11. Section 3: Configuring and Managing Keycloak

12. Chapter 9: Configuring Keycloak for Production

13. Chapter 10: Managing Users

14. Chapter 11: Authenticating Users

15. Chapter 12: Managing Tokens and Sessions

16. Chapter 13: Extending Keycloak

17. Section 4: Security Considerations

18. Chapter 14: Securing Keycloak and Applications

19. Assessments

20. Other Books You May Enjoy

Authorizing application access with OAuth 2.0

OAuth 2.0 is by now a massively popular industry-standard protocol for authorization.

At the heart of OAuth 2.0 sits the OAuth 2.0 framework, which has enabled a whole ecosystem of websites to integrate with each other. Prior to OAuth 2.0 there was OAuth 1, as well as more bespoke solutions to allow third-party applications to access data on behalf of the user, but these approaches were complex or not easily interoperable. With OAuth 2.0, sharing user data to third-party applications is easy, doesn't require sharing user credentials, and allows control over what data is shared.

OAuth 2.0 is not only useful when dealing with third-party applications. It is also incredibly useful for limiting access to your own applications. Just as it wasn't uncommon for third-party applications to ask for your username and password to other sites, this was a common pattern within the enterprise as well. Applications would, for example, ask...