Skip to content

IAM and SSO with Keycloak

Duration

2 days

Target Audience

  • Software Developers
  • System Administrators
  • DevOps Engineers

Prerequisites

  • Basic knowledge of Docker
  • (Optional) Basic knowledge of Java development
    • Only required for extending Keycloak with SPIs

Course Objective

The course teaches the fundamental concepts and practical application of Keycloak as an Identity and Access Management solution. Participants will learn how to securely set up, operate, and integrate Keycloak into existing applications. Using practical scenarios, topics such as user management, role and permission concepts, and securing applications using OpenID Connect and SAML will be covered.

Training Format

The course content is presented by the trainer using slides and live demos. Between the individual chapters, participants can apply and deepen the content in practical exercises. The split is 70% theoretical content and 30% practical exercises.

Course Content

  • Introduction
    • Welcome and training objectives
    • Overview of Keycloak: Features and use cases
    • Architecture and core components (Realm, Clients, User Federation)
  • Installation and Basic Configuration
    • Installation of Keycloak (Standalone & Cluster)
    • First steps: Configuring a realm
    • User management: Creating users, roles, and groups
    • Introduction to user groups and role hierarchies
  • Clients and Protocols
    • Introduction to OAuth 2.0, OpenID Connect, and SAML
    • Client types in Keycloak
    • Configuration of clients (OIDC, SAML)
  • Operations and Updates
    • Update strategies
    • Security best practices
    • Monitoring and logging
    • Backup and restore strategies
  • Authentication and Authorization Flows
    • Introduction to authentication flows
    • Customization and extension of flows
  • Keycloak APIs and Extensions with SPIs
    • Overview of the Keycloak Admin REST API
    • Introduction to Service Provider Interfaces (SPIs)
    • Understanding key concepts
    • Examples of common Keycloak SPIs
    • Best practices for development and integration
  • Theming
    • Structure of Keycloak's theme system
    • Customization of login and registration pages