KeyCloak Open source SSO Solutions

KeyCloak  Free SSO Solution

Secure Web Apps, APIs with OpenID Connect, OAuth2.0, SAML2.0

Out of the box solution to quickly add identity management and single sign on capabilities. Streamline user management across modern web apps and services


Keycloak is another open source alternative to provide identity and access management with Single Sign ON (SSO). It’s easy to setup and provides many enterprise-grade features out-of-the-box such as : User Federation, Identity Brokering and Social Logins. It uses standard protocols to implement SSO e.g OpenID Connect, OAuth 2.0 and SAML 2.0. It supports integration with LDAP and Active Directory.

It comes with out of the box UI to manage users, clients, realms, roles, sessions configuration etc.

It’s lightweight, fast and supports clustering, so it has better scalability and availability than it’s competitors. UI look can feel can also be customized using themes. Secured by configurable password policies module – It provides centralized user management without any hassle.

KeyCloak also provides many client libraries a.k.a (client adapters) to provide seamless integration with other platforms. Java, JavaScript, C# (Owin(, NodeJS,Python, Android , IOS are supported.

System Requirements

  • Any OS that runs Java
  • Java 8 JDK
  • Minimum 512 RAM
  • 1 GB of disk space


  •  Authentication as Service:
  • Single Sign-on /Sign-out
  • Access Control for API
  • Supports Federated Identities (Google,Facebook etc).
  • UI Customization
  • Multiple Flows (Implicit, Authorization code etc).
  • API Authorization
  • Claim-based provider


Unzip downloadable distribution file –  ‘keycloak-11.0.0.[zip|tar.gz]

Standalone Boot Script

/bin directory contains all the scripts. based on the OS the script file can be run:


    $ .../bin/


    > ...\bin\standalone.bat

Standalone Configuration

Configuration file (in Standalone mode) is located at /standalone/configuration/standalone.xml.

Running in Docker

Start Keycloak with the following command:

    docker run -p 8080:8080 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin

This will start Keycloak exposed on the local port 8080. It will also create an initial admin user with username admin and password admin.


You may find the following links relevant: