DEV Community

Alex Spinov
Alex Spinov

Posted on

Keycloak Has a Free API — Add Auth to Any App in Minutes

#keycloak #authentication #api #security

Keycloak is an open-source identity and access management solution. It gives you SSO, OAuth 2.0, OpenID Connect, and user management with a powerful REST API — all for free.

What Is Keycloak?

Keycloak handles authentication so you do not have to build it from scratch. SSO, social login, 2FA, LDAP integration, role-based access — everything you need.

Why Keycloak?

  • 100% free and open-source
  • Enterprise-grade (Red Hat backed)
  • REST API for everything
  • Admin console included
  • Docker deployment in 1 command

Quick Start with Docker 

docker run -p 8080:8080 \
  -e KC_BOOTSTRAP_ADMIN_USERNAME=admin \
  -e KC_BOOTSTRAP_ADMIN_PASSWORD=admin \
  quay.io/keycloak/keycloak:latest start-dev
Enter fullscreen mode Exit fullscreen mode

Admin console: http://localhost:8080

REST API Examples 

# Get admin token
TOKEN=$(curl -s -X POST http://localhost:8080/realms/master/protocol/openid-connect/token \
  -d "grant_type=password&client_id=admin-cli&username=admin&password=admin" | jq -r .access_token)

# List users
curl -s http://localhost:8080/admin/realms/master/users \
  -H "Authorization: Bearer $TOKEN" | jq ".[].username"

# Create user
curl -X POST http://localhost:8080/admin/realms/master/users \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"username":"newuser","enabled":true,"credentials":[{"type":"password","value":"pass123","temporary":false}]}'
Enter fullscreen mode Exit fullscreen mode

Use Cases

  1. Single Sign-On — one login across all your apps
  2. Social login — Google, GitHub, Facebook, Apple
  3. API protection — OAuth 2.0 token validation
  4. User management — CRUD users via API
  5. Multi-tenancy — separate realms per tenant

Node.js Integration 

const Keycloak = require("keycloak-connect");
const session = require("express-session");

const keycloak = new Keycloak({ store: new session.MemoryStore() });

app.use(keycloak.middleware());

app.get("/api/protected", keycloak.protect(), (req, res) => {
  res.json({ user: req.kauth.grant.access_token.content.preferred_username });
});
Enter fullscreen mode Exit fullscreen mode

Keycloak vs Alternatives

Feature Keycloak Auth0 Firebase Auth
Price Free Paid after 7.5K Paid after 50K
Self-hosted Yes No No
REST API Full Full Limited
Social login Yes Yes Yes
Enterprise features Yes Paid No

Need web data at scale? Check out my scraping tools on Apify or email spinov001@gmail.com for custom solutions.

Top comments (0)