The few attendants to this talk proofs that we think we are better at security than we really are lol. Very good talk. I’m just getting started with Keycloak and I already want to use it in all of my projects. The policy stuff is crazy useful!
For getting the avatar url in id jwt token, you needed to 1. Create a new client scope or use existing client scope 2. Map the user attribute (avatar url) to the the selected client scope 3. For the selected client, assign the above client scope as default client scope. 4. Now in the jwt id token, avatar url would appear.
what should i do if i want to login and get such response of {access_token, id_token, refresh_token} but also I want to add new object in this response ?
Just so I understand - by following this demo I would need to update all of the UI pages contained in Keycloak so that I can get my application's look and feel - correct? Does that mean I essentially need to maintain 2 sets of code (i.e. my application ui code and the keycloak ui code)? And consequently potentially coordinate my application deployments with re-deployment of Keycloak?
I believe the keycloak customization stuff should be done once, though it might change from app to app, so on that area I guess it will need some customization per-app, but it's still just the GUI, not the whole logic, which might be a bunch of code more than just the GUI.
I love Keycloak but please rewrite it in Golang :) I can not see that Keycloak is eating about 450MB Ram in IDLE by comparing with 20MB of a service in Go.
My first thought too, but then I realized that English is his second language. Cut the dude a break. I'm guessing his English is WAY better than either of our second languages.
@@MotownGuitarJoe My second language should be almost on a similar level but my 3rd not. I think this account here just stole the video and fucked up the title :D
The few attendants to this talk proofs that we think we are better at security than we really are lol.
Very good talk. I’m just getting started with Keycloak and I already want to use it in all of my projects. The policy stuff is crazy useful!
At @12:00 you forgot to click save button :(
For getting the avatar url in id jwt token, you needed to
1. Create a new client scope or use existing client scope
2. Map the user attribute (avatar url) to the the selected client scope
3. For the selected client, assign the above client scope as default client scope.
4. Now in the jwt id token, avatar url would appear.
He forgot to save when he created the User Attribute for avatar.
hi bro
i am new to keycloak and i am bit confused about the concepts
can we connect
Great talk about Keycloak! Thanks!
Amazinnggg.Devoxx always bring very interesting topics.Thank you devoxx.
Pure gold @28:00
Great Session. Thanks for this !
great explanation! Thank you so much ❤
Informative Session!
super useful video.
Great video, good explanations!!
To make the avatar picture visible you forgot to Save the attribute at minute 12:04
I think Policy Enforcement Point call keycloak server(with grant_type=uma-ticket) every time request to check if it is acceptable or not
Thank you for this nice Presentation. May i ask what OS and Terminal u use?
he's using Mac for sure
@@nec1211986 That's RHEL (Red Hat Enterprise Linux)
@@nec1211986 No no!!!
Two factor 🙂
Great Talk
does anyone have keycloak hardening guide?
Thanks,do we have this code in github?
what should i do if i want to login and get such response of {access_token, id_token, refresh_token} but also I want to add new object in this response ?
Just so I understand - by following this demo I would need to update all of the UI pages contained in Keycloak so that I can get my application's look and feel - correct? Does that mean I essentially need to maintain 2 sets of code (i.e. my application ui code and the keycloak ui code)? And consequently potentially coordinate my application deployments with re-deployment of Keycloak?
49:50 no you can use REST to do that with your own app
I believe the keycloak customization stuff should be done once, though it might change from app to app, so on that area I guess it will need some customization per-app, but it's still just the GUI, not the whole logic, which might be a bunch of code more than just the GUI.
The demo is good but the text on the screen is SOOO BLURRY I cant read what he is doing. I need to audio just so he can give the play by play.
Case with avatar is like stend up
Is it possible the something with oauth
I love Keycloak but please rewrite it in Golang :) I can not see that Keycloak is eating about 450MB Ram in IDLE by comparing with 20MB of a service in Go.
From Keycloak 17.x, it was built using Quarkus, with low memory usage and fast start up.
You could consider zitadel if you want something written in go.
(Title is spelled wrong on the video)
"Bilding"?
My first thought too, but then I realized that English is his second language. Cut the dude a break.
I'm guessing his English is WAY better than either of our second languages.
@@MotownGuitarJoe My second language should be almost on a similar level but my 3rd not. I think this account here just stole the video and fucked up the title :D
Great talk about Keycloak! Thanks!