The latest articles on DEV Community by Yash Kashyap (@yashkashyap). https://dev.to/yashkashyap https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1665543%2Fb0346919-3acf-42f9-90a1-cb437ff224f0.png https://dev.to/yashkashyap en Yash Kashyap Sun, 23 Jun 2024 08:27:15 +0000 https://dev.to/yashkashyap/understanding-authentication-authorization-with-help-of-keycloak-cdd https://dev.to/yashkashyap/understanding-authentication-authorization-with-help-of-keycloak-cdd <p>Authentication and authorization are two fundamental concepts in the realm of security, especially in computer applications.</p> <p><strong>Authentication-</strong> Authentication is the process of verifying the identity of a user, device, or entity in a computer system.</p> <ul> <li> Purpose- To confirm the identity of the user or entity.</li> </ul> <p><strong>Authorization-</strong> Authorization is the process of determining what an authenticated user is allowed to do. It specifies the permissions for resources in the system.</p> <ul> <li> Purpose- To control access to resources and actions based on user privileges.</li> </ul> <p>There are lot of way to perform this in application like OAuth2.0, OIDC But all of these are paid platform for large number or advance services. </p> <p>So, To achieve these Services without any cost <strong>keycloak</strong> come in the picture.</p> <p><strong>Keycloak-</strong> Keycloak is an <strong>open-source identity and access management</strong> solution developed by Red Hat. It provides authentication and authorization capabilities for modern applications and services.<br> Some Key Feature about keycloack - </p> <p><strong>Authorization Services:</strong> Fine-grained authorization policies and support for OAuth 2.0, OpenID Connect, and SAML.</p> <p><strong>Identity and Access Management (IAM):</strong> Comprehensive IAM capabilities including role-based access control (RBAC) and multi-factor authentication (MFA).</p> <p><strong>Installation and Setup for keycloak:</strong><br> This is a official documentation of keycloak setup <a href="https://www.keycloak.org/guides">https://www.keycloak.org/guides</a></p> <p><strong>Integration-</strong> </p> <ul> <li><p>OAuth 2.0 and OpenID Connect: Keycloak supports OAuth 2.0 and OpenID Connect protocols for securing applications.</p></li> <li><p>SAML: Keycloak can act as a SAML Identity Provider (IdP) and Service Provider (SP).</p></li> <li><p>Identity Providers: Integrate with external identity providers like Google, Facebook, and others for authentication.</p></li> </ul> <p>I hope you learnt something new today.</p> <blockquote> <p>End Note: If you check out my profile, this is my first-ever post. So please let me know how I did, and how I can improve in future. Thanks!</p> </blockquote> Yash Kashyap Sun, 23 Jun 2024 08:27:14 +0000 https://dev.to/yashkashyap/understanding-authentication-authorization-with-help-of-keycloak-4dl3 https://dev.to/yashkashyap/understanding-authentication-authorization-with-help-of-keycloak-4dl3 <p>Authentication and authorization are two fundamental concepts in the realm of security, especially in computer applications.</p> <p><strong>Authentication-</strong> Authentication is the process of verifying the identity of a user, device, or entity in a computer system.</p> <ul> <li> Purpose- To confirm the identity of the user or entity.</li> </ul> <p><strong>Authorization-</strong> Authorization is the process of determining what an authenticated user is allowed to do. It specifies the permissions for resources in the system.</p> <ul> <li> Purpose- To control access to resources and actions based on user privileges.</li> </ul> <p>There are lot of way to perform this in application like OAuth2.0, OIDC But all of these are paid platform for large number or advance services. </p> <p>So, To achieve these Services without any cost <strong>keycloak</strong> come in the picture.</p> <p><strong>Keycloak-</strong> Keycloak is an <strong>open-source identity and access management</strong> solution developed by Red Hat. It provides authentication and authorization capabilities for modern applications and services.<br> Some Key Feature about keycloack - </p> <p><strong>Authorization Services:</strong> Fine-grained authorization policies and support for OAuth 2.0, OpenID Connect, and SAML.</p> <p><strong>Identity and Access Management (IAM):</strong> Comprehensive IAM capabilities including role-based access control (RBAC) and multi-factor authentication (MFA).</p> <p><strong>Installation and Setup for keycloak:</strong><br> This is a official documentation of keycloak setup <a href="https://www.keycloak.org/guides">https://www.keycloak.org/guides</a></p> <p><strong>Integration-</strong> </p> <ul> <li><p>OAuth 2.0 and OpenID Connect: Keycloak supports OAuth 2.0 and OpenID Connect protocols for securing applications.</p></li> <li><p>SAML: Keycloak can act as a SAML Identity Provider (IdP) and Service Provider (SP).</p></li> <li><p>Identity Providers: Integrate with external identity providers like Google, Facebook, and others for authentication.</p></li> </ul> <p>I hope you learnt something new today.</p> <blockquote> <p>End Note: If you check out my profile, this is my first-ever post. So please let me know how I did, and how I can improve in future. Thanks!</p> </blockquote>