Identity Management, One-Time-Passwords and Two-Factor-Auth with Spring Boot and Keycloak

Sun, 26 Nov 2017 00:00:00 +0100

Communicating with identity and access management systems is a common task for many web-applications exposing secured resources.

Keycloak is an open source software that provides not also such authorization services but also offers a lot of features from Single-Sign-On, Identity-Brokering, Social-Login, User-Federation, multiple client-adapters up to the administration console or support for protocols like OpenID, SAML, OAuth2, Kerberos and more.

I will demonstrate how to integrate a Spring Boot web application with Keycloak and configure an authentication flow that requires a two-factor-authentication with user credentials and also one-time-passwords.

Setting up an OAuth2 Authorization Server and Resource Provider with Spring Boot

Sun, 13 Mar 2016 00:00:00 +0100

OAuth2 is a frequently used standard for authorization and with Spring Boot it is easy to set up authorization and resource server in no time.

In the following short tutorial I’d like to demonstrate how to set up an OAuth2 authorization server as well as a connected and secured resource server within a few minutes using Java, Maven and Spring Boot.

Figure 1. OAuth2 Flow with Spring Boot in Action

Oauth on Micha Kops' Tech Notes

Identity Management, One-Time-Passwords and Two-Factor-Auth with Spring Boot and Keycloak

Setting up an OAuth2 Authorization Server and Resource Provider with Spring Boot