Keycloak is an identity and access management (IAM) tool sponsored by Red Hat. Developed in Java using the Spring framework, it manages user identity and login sessions using identity verification protocols such as OpenID Connect, OAuth 2.0, and SAML.
The primary intent behind its creation is to secure applications without requiring them to implement their own authentication systems, along with the associated challenges like security, database management, and so on.
Among Keycloak’s foremost advantages is its comprehensive nature, enabling companies and developers to focus on their application’s unique functionalities without building authentication functionality from scratch.
It supports two-factor authentication (2FA) and can consolidate an application’s authentication methods, thus establishing a single sign-on (SSO) for all its features.
Keycloak’s API
Keycloak also features a REST API known as the Keycloak API. It lets application developers manage various application parameters, including clients, realms, groups, and roles. It also covers creating, managing, and deleting users, obtaining access tokens for applications, and detecting potential attacks, among other functions.
While the API offers a way to interact with Keycloak similarly to its graphical interface, its design has some redundancies. For instance, one might expect to set a user's password at the same time, but the API requires a separate call. Additionally, although the Keycloak documentation suggests that roles and attributes can be modified within a single JSON ‘user’ type, in practice two separate API calls are needed: one for roles and another for attributes.
Keycloak does not currently support modifying user roles and attributes in a single API call. The Keycloak documentation for both the roles and attributes endpoints mentions that a JSON user type is included with attributes and role fields. However, these fields are only used for retrieving user information, not modifying it.
Keycloak-Typescript
Keycloak-typescript is an open-source library that simplifies the interaction between Node.js projects and the Keycloak API. Its primary focus is creating a ‘facade’ that hides the intricate details of multiple API calls, enabling developers to execute complex actions under a single method.
This library was born from the challenges faced during Krasamo projects, where multiple API interactions often led to excessive coding. The essence of Keycloak-typescript is to streamline the integration process with the Keycloak API, encapsulating the logic behind tasks like user creation, modification, and role management into unified methods.
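The multi-call sequence described above (create the user, then set the password, then map roles) is not atomic, so a facade has to decide what state a mid-sequence failure leaves behind. The following is an added example, not code from keycloak-typescript or from the original article: it calls the Keycloak Admin REST API directly, creates the account disabled, enables it only after every step succeeds, and deletes it on failure. `createUserWithRoles`, `call`, the `cfg` object and the injectable `http` parameter are hypothetical names, and a Node.js runtime with a global `fetch` is assumed.

```javascript
// Added example; function and parameter names here are hypothetical and are
// not the keycloak-typescript API. Endpoints are Keycloak's Admin REST API.
async function call(http, cfg, method, path, body) {
  const url = `${cfg.baseUrl}/admin/realms/${encodeURIComponent(cfg.realm)}${path}`;
  const res = await http(url, {
    method,
    headers: { Authorization: `Bearer ${cfg.token}`, 'Content-Type': 'application/json' },
    body: body === undefined ? undefined : JSON.stringify(body),
  });
  if (!res.ok) throw new Error(`${method} ${path} failed with HTTP ${res.status}`);
  return res;
}

// cfg: { baseUrl, realm, token } where token is an admin access token.
// roles: realm RoleRepresentation objects, each with `id` and `name`.
async function createUserWithRoles(cfg, user, password, roles, http = fetch) {
  // 1. Create the account disabled so it cannot log in half-configured.
  const created = await call(http, cfg, 'POST', '/users', { ...user, enabled: false });
  // Keycloak answers 201 with the new user's URL in the Location header.
  const id = created.headers.get('location').split('/').pop();
  try {
    // 2. Set the password in its own call, marked temporary to force a change.
    await call(http, cfg, 'PUT', `/users/${id}/reset-password`,
      { type: 'password', value: password, temporary: true });
    // 3. Map realm roles in another call.
    await call(http, cfg, 'POST', `/users/${id}/role-mappings/realm`, roles);
    // 4. Enable only once every earlier step has succeeded.
    await call(http, cfg, 'PUT', `/users/${id}`, { ...user, enabled: true });
    return id;
  } catch (err) {
    // Best-effort rollback: a partial failure must not leave an orphan account.
    await call(http, cfg, 'DELETE', `/users/${id}`).catch(() => {});
    throw err;
  }
}
```

If the rollback `DELETE` itself fails, the account still exists but stays disabled, which is the reason for creating it disabled in step 1.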
One of the standout advantages of this package is its seamless integration with Node.js projects. Installation is a breeze, requiring a straightforward command via npm, and its methods offer intuitive user management solutions.
Another advantage of Keycloak is its open-source nature under the MIT license. This means you can actively contribute to its development, adapting it to your needs, suggesting ideas, reporting bugs, or enhancing the documentation.
You can download our open-source ‘krasamo/keycloak-typescript’ libraries to simplify the integration of Keycloak with your Node.js project.
Krasamo is a Dallas-based IoT and mobile app development company working with medium to large US corporations since 2010. If you’re interested in Keycloak consulting services or implementing Identity and Access Management for your applications, don’t hesitate to get in touch with us.