Identity Management, One-Time-Passwords and Two-Factor-Auth with Spring Boot and Keycloak
Communicating with identity and access management systems is a common task for many web-applications exposing secured resources. Keycloak is an open source software that provides not also such authorization services but also offers a lot of features from Single-Sign-On, Identity-Brokering, Social-Login, User-Federation, multiple client-adapters up to the administration console or support for protocols like OpenID, SAML, OAuth2, Kerberos and more. I will demonstrate how to integrate a Spring Boot web application with Keycloak and configure an authentication flow that requires a two-factor-authentication with user credentials and also one-time-passwords. ...