Page MenuHomeSoftware Heritage

Experiment with keycloak: an open source identity and access management solution
Open, NormalPublic


Keycloak seems one of the best open source solution for adding authentication to applications and securing services with minimum fuss.

Below is a non exhaustive list of the features it offers:

  • User Registration
  • Social login
  • Single Sign-On/Sign-Off across all applications belonging to the same Realm
  • 2-factor authentication
  • LDAP integration
  • Kerberos broker

It could be used to manage the users authentications and permissions in swh-web but also to secure other Software Heritage services.

As a first experiment, let's try to use it to implement user authentication and rate limit permissions in swh-web.