keycloak logo


Open Source Identity and Access Management For Modern Applications and Services (by keycloak)


Basic Keycloak repo stats
7 days ago

keycloak/keycloak is an open source project licensed under Apache License 2.0 which is an OSI approved license.

Keycloak Alternatives

Similar projects and alternatives to Keycloak
  • GitHub repo keto

    Open Source (Go) implementation of "Zanzibar: Google's Consistent, Global Authorization System". Ships gRPC, REST APIs, newSQL, and an easy and granular permission language. Supports ACL, RBAC, and other access models.

  • GitHub repo authelia

    The Single Sign-On Multi-Factor portal for web apps

  • GitHub repo SuperTokens Community

    Open source alternative to Auth0 / Firebase Auth / AWS Cognito

  • GitHub repo fusionauth-issues

    FusionAuth issue submission project

  • GitHub repo Strapi

    🚀 Open source Node.js Headless CMS to easily build customisable APIs

  • GitHub repo Kong

    🦍 The Cloud-Native API Gateway

  • GitHub repo ASP.NET Core

    ASP.NET Core is a cross-platform .NET framework for building modern cloud-based web applications on Windows, Mac, or Linux.

  • GitHub repo Vault

    A tool for secrets management, encryption as a service, and privileged access management

  • GitHub repo hydra

    OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Compatible with MITREid.

  • GitHub repo github

    Go library for accessing the GitHub API

  • GitHub repo Twig

    Twig, the flexible, fast, and secure template language for PHP

  • GitHub repo trivy

    A Simple and Comprehensive Vulnerability Scanner for Container Images, Git Repositories and Filesystems. Suitable for CI

  • GitHub repo Doorkeeper

    Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape.

  • GitHub repo KrakenD

    Ultra performant API Gateway with middlewares

  • GitHub repo falco

    Cloud Native Runtime Security

  • GitHub repo oauth2-proxy

    A reverse proxy that provides authentication with Google, Github or other providers.

  • GitHub repo kratos

    Next-gen identity server (think Auth0, Okta, Firebase) with Ory-hardened authentication, MFA, FIDO2, profile management, identity schemas, social sign in, registration, account recovery, service-to-service and IoT auth. Can work as an OAuth2 / OpenID Connect Provider. Golang, headless, API-only - without templating or theming headaches. (by ory)

  • GitHub repo Spotbugs

    SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.

  • GitHub repo Thymeleaf

    Thymeleaf is a modern server-side Java template engine for both web and standalone environments.

  • GitHub repo frank_jwt

    JSON Web Token implementation in Rust.

NOTE: The number of mentions on this list indicates mentions on common posts. Hence, a higher number means a better Keycloak alternative or higher similarity.


Posts where Keycloak has been mentioned. We have used some of these posts to build our list of alternatives and similar projects - the last one was on 2021-04-09.
  • Are there PHP-based SSO / OAuth / SAML / CAS providers that I can easily self-host and manage graphically on cPanel shared hosting ?
    I only know SimpleSAMLphp, which is written in PHP. I personally use Keycloak because it is incredibly powerful, extensible and easy to manage. As for your services, you always have to check if they support OAuth 2 / OpenID Connect or SAML 2.0. But that should not be a problem for most of them.
    What you are looking for is an Identity Provider or IdP. As far as self hostable solutions go, Keycloak is going to be your best bet. I’m not aware of any IdPs that are written in PHP and can match the features of Keycloak.
  • Show HN: Ory Keto, open source authorization server based on Google Zanzibar | 2021-04-08
  • Keystone as a standalone Identity Service | 2021-04-05
    Definitely you should aim towards keycloak or dex. The first being more generalistic, the later made towards kubernetes.
  • End user authentication workflow
    Keycloak for more complex AuthN workflows
  • Never write a UserService again | 2021-03-22
    self-hosted: KeyCloak, Gluu, FreeIPA
  • Can I use Python django-oauth-toolkit or any other OAuth 2.0 compliant library to secure an API written on NodeJS that is being hosted on different server ? | 2021-03-18
    Keycloak should have all the features you need and is very popular in this exact space. It extracts user handling, authentication and authorization for services that are implemented behind it.
  • Authelia is an open-source authentication/authorization server with 2FA/SSO | 2021-03-10
    Looks like Keycloak's certificate is only valid with `www.`:

    > - Keycloak (you won't get fired for picking this)[0]

    Curious what you mean with "you won't get fired for picking this". Do you mean that it's good and easy to run, or something else?

  • Okta to Acquire Auth0 for $6.5B | 2021-03-03 is another open source option.

    Compared to other choices, it's more mature and well-vetted because it forms the upstream for RedHat's SSO offering.

    On the other hand, it's a big monolithic Java app, but they are making some moves to be more CNF-friendly:

  • Nginx As Reverse Proxy In Front Of Keycloak | 2021-02-28
    Keycloak is an open-source identity and access management service. It offers all the features you might need, like multi-factor authentication, integration with common identity providers, user federation, brute force protection, and many others. This post describes how to use Keycloak and Nginx together.
  • Open sourcing | 2021-02-25
    I've created a Go client for Keycloak - I thought this might be handy for some of you.
  • Authentication for Enterprise API | 2021-02-20
    TLDR: use API keys for ultimate simplicity, but if more than that is needed use . It's Redhat's complete, open source auth solution which provides everything for every auth use case in a neat interface. Including: username/password/email log in, password reset, email change, log in with google/facebook/twitter, being an OAuth provider, SAML and so on.
  • Announcing Strapi v3.5 with the Sentry plugin, SSO authentication, and more | 2021-02-18
    We’re striving to make Strapi a robust and secure tool for all kinds of projects and users. Version 3.5 introduces an SSO authentication feature for the Strapi admin panel, which lets enterprises connect Strapi to their authentication providers and protocols such as Active Directory, Okta, Auth0, Keycloak, OAuth etc. Employees will be able to use the credentials of a third-party app to log in to the admin panel. Please note that version 3.5 includes only SSO authentication and not authorization.
  • Web Application Security Checklist (2021) | 2021-02-16
  • IdetityServer will be last open-source version | 2021-02-12
    Keyloak is a great open-source Identity and Access Management server.