DEV Community

Cover image for πŸ” SmartKart Microservices Series Day 2
Siddharth Bhamare
Siddharth Bhamare

Posted on • Edited on

πŸ” SmartKart Microservices Series Day 2

🧭 Day 2: Kicking off Auth Service – Exploring Keycloak vs. Duende IdentityServer

In our journey to build a robust, secure, and scalable e-commerce platform (SmartKart πŸ›’) using .NET Core and Microservices, we are now diving into the Authentication and Authorization layer.

Why Start With AuthService?
Authentication is a cross-cutting concern and a foundational piece for secure APIs. Starting here ensures all downstream services follow a consistent security model.


πŸ” What is Keycloak (in simple words)?
Keycloak is an open-source identity and access management tool.

Think of it as a central place where:

  • Users register and log in πŸ”‘
  • Roles and permissions are managed πŸ›‘οΈ
  • Tokens (JWT) are issued for secure API access 🧾

And the best part? It already has all the features built-in β€” you don’t have to code login pages, password management, token handling, etc., yourself!


βœ… Why We Chose Keycloak Over Other Options
As a .NET Core engineer, I evaluated a few options like:

  • ASP.NET Identity + JWT (custom)
  • Duende IdentityServer (formerly IdentityServer4)
  • Keycloak

Here's why I picked Keycloak:

βœ”οΈ 1. Fully Open Source
No license needed for commercial use. Duende requires a paid license for most real-world projects.

βœ”οΈ 2. Feature-Rich, Out of the Box
Login UI, forgot password, role mapping, token issuance β€” all ready without writing extra code.

βœ”οΈ 3. Centralized User Management
You get a user-friendly admin panel to:

  • Add/edit users
  • Assign roles
  • Configure clients/apps

βœ”οΈ 4. Standards-Based Protocols
Supports OAuth2.0, OpenID Connect, and even SAML β€” works well with .NET Core's JWT middleware.

βœ”οΈ 5. Easy to Integrate with .NET Core
Though written in Java, it’s protocol-based, so integration with .NET Core is seamless using:

  • JWT Bearer Authentication
  • OpenID Connect client libraries

βœ”οΈ 6. Scalable & Cloud-Friendly
Supports Docker, Kubernetes, and clustering β€” ideal for microservices.


πŸ“Œ Summary Comparison Table :

Feature Keycloak βœ… Duende IdentityServer ❌
Open Source (free to use) βœ”οΈ Yes ❌ No (requires paid license)
Admin UI for users/roles βœ”οΈ Built-in ❌ Needs custom development
Login/Register/Forgot UI βœ”οΈ Provided ❌ Build yourself
Protocol Support (OAuth2/OIDC) βœ”οΈ Yes βœ”οΈ Yes
Easy .NET Core Integration βœ”οΈ Yes (via JWT/OIDC) βœ”οΈ Native
Multi-tenant support βœ”οΈ Realms ❌ Manual effort

Top comments (0)