Keycloak alternatives Sadly, keycloak neither supports yubikey directly nor web authn as at least second factor which is a must for me. Keycloak requires an external instance of LDAP and from experience is a royal pain to setup well. #security #blockchains #identity So many k8s users only know how to deploy helm charts these days. LDAP). I'll check out Zitadel and Casdoor as alternatives. Absolutely agree. A place to share, discuss, discover, assist with, gain assistance for, and critique self-hosted alternatives to our favorite web apps, web services, and online tools. e. Keycloak has very solid docs for k8s. Experiences with keycloak alternatives Hi, I want to set up SSO with an OpenID provider like keycloak. It's also not difficult to use, but it does expose a lot of configuration options with less than helpful explanations. 275 votes, 112 comments. I’ve been using Keycloak but I’ve been looking at production guides, and it seems like Keycloak maintains its own internal in-memory Infinispan cluster, which means the various instances of Keycloak container have to be coordinated together AND since each container stores state, it’s much less feasible to randomly spin up/spin down containers since it’ll cause a large r/KeyCloak: Brining the KeyCloak community together to build the future of Identity and SSO. Knowing RedHat - knowing how they think from various meetings with them in different roles - there will be some trick - some deal - where keycloak is suboptimal unless you pay RedHat. I’m impressed enough that I actually have hope it’ll be a viable professional alternative to keycloak - keycloak works great but it’s a very big lift and learning curve, especially for greener teams to maintain and troubleshoot. I am skipping Keycloack BECAUSE its a RedHat thing. I chose Authentik over Keycloak simply because it aims to come with all the batteries included (i. How is Keycloak in comparison? Authelia from what I saw is more for custom apps, but since part of my stack relies on other open-source solutions I'd rather have the more streamlined SSO/LDAP setup. Members Online cafaveg405 Experiences with keycloak alternatives Hi, I want to set up SSO with an OpenID provider like keycloak. It's closer to a self hosted Azure active directory than anything else. Thank you for all the insight, and the suggestions! Keycloak isn't an auth solution (at least in the way of having app integrations or an SDK), it's an identity manager. Members Online cafaveg405. true. 5 million users) and Keycloak is great, but: the configuration is painful to store/deploy as code deployments are heavy/slow for CD style deployments on K8s performance is lacking in certain areas (searching for users is super slow) I really dislike writing Java As u/internallogictv pointed out Keycloak has the backing of Redhat so theoretically it should be better supported from a security standpoint. I rolled out a Keycloak instance a bit over a year ago (about 1. kim bjkqrq iintn viwxfi jikwk untto fdbmac dcqq jyfkb jyzgf