An open source solution pre-built from professionals like Ory Kratos or Keycloak saves you a lot of time and pain.
https://github.com/ory/kratos
> An open source solution pre-built from professionals like Ory Kratos or Keycloak saves you a lot of time and pain.
Keycloak in itself is a pain to manage as well. Without Terraform, you're lost... and integrating stuff with Keycloak is a pain as well. I've tried and failed to integrate a self-hosted GitLab instance, for example - their docs [1] don't specify anything about how the Keycloak config is supposed to look, the next best Google hit doesn't either [2], and sometime in the last two years the third Google hit [3] got outdated - the Keycloak OIDC configuration UI got completely reorganized and renamed. Other stuff like Atlassian is a pain to integrate with Keycloak OIDC as well.
So, if anyone could point me to a working configuration for modern Keycloak and GitLab, I'd be really thankful. And if doc writers could specify a working Terraform, Ansible or whatever code that specifies the Keycloak configuration the application understands, I'd be even more thankful. OIDC is a horrible mess, I get it, but if your users can't get it to work because you specify nowhere what exact flavor and quirks of OIDC your application needs, it reflects badly not just on Keycloak but on your application as well.
/rant
[1] https://docs.gitlab.com/ee/administration/auth/oidc.html#con...
[2] https://github.com/ChathuminaVimukthi/Gitlab-SSO-implementat...
[3] https://dheeruthedeployer.medium.com/gitlab-integration-with...