Keycloak: Open-source identity and single-sign-on for your apps.

This is an open-source Identity and Access Management solution that lets you add authentication to applications and secure services with minimum effort. You no longer need to deal with storing or authenticating users. It's all handled centrally.

Key features include:

Single-Sign-On: Users authenticate once to gain access to multiple applications. It also provides single-sign out, so users log out from all connected applications at once.
Identity Brokering and Social Login: Enable login with social networks like Google or GitHub through a simple configuration in the admin console. You can also connect to existing OpenID Connect or SAML 2.0 identity providers.
User Federation: Connect to existing user directories with built-in support for LDAP and Active Directory. You can also implement your own provider for custom user stores.
Centralized Management: A comprehensive Admin Console allows administrators to manage users, roles, applications, and fine-grained authorization policies. Users get their own Account Management Console to update profiles, change passwords, and set up two-factor authentication.
Standard Protocols: Built on open standards, it provides full support for OpenID Connect, OAuth 2.0, and SAML.

Directory Structure

keycloak

postgres-data

providers

themes

.env

docker-compose.yml

services:
  postgres:
    image: postgres:15
    container_name: keycloak_db
    environment:
      POSTGRES_DB: keycloak
      POSTGRES_USER: keycloak
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
    volumes:
      - ./postgres-data:/var/lib/postgresql/data
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U keycloak"]
      interval: 10s
      timeout: 5s
      retries: 5

  keycloak:
    image: quay.io/keycloak/keycloak:latest
    container_name: keycloak
    command: start-dev
    environment:
      KC_DB: postgres
      KC_DB_URL: jdbc:postgresql://postgres:5432/keycloak
      KC_DB_USERNAME: keycloak
      KC_DB_PASSWORD: ${POSTGRES_PASSWORD}
      KEYCLOAK_ADMIN: ${KEYCLOAK_ADMIN}
      KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD}
      KC_PROXY: edge
    ports:
      - "8080:8080"
    depends_on:
      postgres:
        condition: service_healthy
    volumes:
      - ./providers:/opt/keycloak/providers
      - ./themes:/opt/keycloak/themes

.env

POSTGRES_PASSWORD=your_secure_database_password
KEYCLOAK_ADMIN=admin
KEYCLOAK_ADMIN_PASSWORD=your_secure_admin_password

GitHub Repository

Stars

33,265

Forks

8,124

Last commit

1 day ago

Repository age

over 12 years

License

Apache-2.0

View Repository

Auto-fetched about 24 hours ago

Container Image

Pulls

11.6M

Last week pulls

161.8K

Last updated

2 days ago

Image age

almost 4 years

Image size

250.69 MB

View on Docker Hub

Auto-fetched about 24 hours ago

Similar to Keycloak

View all tools

Logto

Build secure apps with multi-tenancy and enterprise SSO

Identity and Access Management

11.7k

373.8K

Integrate multi-tenancy, enterprise SSO, and role-based access control into your SaaS or AI applications using simple, fast, and developer-friendly protocols.

Authentik

Take full control of your identity infrastructure.

Identity and Access Management

20.5k

Bring all authentication into one self-hosted, open-source platform. Customize every step with APIs and templates for ultimate flexibility and data control.

Authelia

Fast, lightweight, and secure application access control.

Identity and Access Management

27.1k

71.5M

Secure your applications with a free, open-source IAM platform. Get single sign-on, multi-factor authentication, and granular access control in a lightweight solution.