[keycloak-dev] relationship between application and realm

[Thomas Heute]

On 09/13/2013 04:10 PM, Bill Burke wrote:
>
>
> On 9/13/2013 9:59 AM, Stian Thorgersen wrote:
>> For social Keycloak should provide integrated and branded experiences. This is done by letting developers use their own key and secrets for social networks. It still saves users a lot of work to incorporate login with social networks. Incorporating social networks is a non-trivial thing if done correctly (I can elaborate on this if you want).
>>
>> SSO is one compelling features yes, but there's loads more very nice features that we can provide:
>>
>> * Audit
>> * User management
>> * User workflows - password reset, verify email, etc, etc..
>> * Social aspects
>> * Multi-factor authentication
>> * Link with corporate identity providers (for example LDAP)
>> * Ability to use the same solution for server-side, client-side and mobile applications
>>
>
> There's already solutions internal and external to Red Hat that provide
> many of these features.  I think we can do it *BETTER*, but familiarity
> breeds complacency and users just might stick to what they know than
> move to Keycloak even if it is better.
>
> I honestly think TOTP, OAuth Grants, and SSO will be our most important
> features to grab initial users.
>
> I don't have much data on why I think this, its just from users pinging
> me on Resteasy lists, sales pinging me on email, and sitting in security
> presentations at JBW, RHS.  Even Thomas Heute telling me people buy
> JBoss Portal for its Identity Management.

Who's that moron anyway ?!

>
>> Of course, how useful each feature is depends on the target audience! IMO Keycloak will provide loads of value to:
>>
>> * A single logical app - but where there's different versions (desktop, mobile, etc.)
>> * A enterprise with loads of REST services, desktop applications, web applications, mobile applications, etc....
>>
>
> These two fall into the SSO category. :)
>