<div dir="ltr">Hi,<br clear="all"><div><br></div><div>I am new to keycloak and starting to study it since it has become Red Hat's new Single Sign On solution.</div><div><br></div><div>I've been through a demonstration and saw some nice features like two-factor authentication and social media login, and other basic features like Realm configuration and so on. Some (very basic) questions occurred to me, though, as I describe below:</div><div><br></div><div>1. There are applications in which users authenticate through ADFS (via SAML 2.0), and other situations where the application has its own database with its users (external public). How does Keycloak work to allow single sign on between these two different types of authentication?</div><div><br></div><div>2. Keycloak offers an interface where the application user himself changes the values of some of his own attributes (name, telephone, etc.). Can it be extended and show other metadata? How can I customize and embed this functionality within my application?</div><div><br></div><div>3. Is it possible to enable single sign on between multiple applications using different types protocols? e.g.: an user accessed a Java application and acquired an OAuth Token; then he accessed a .NET application based in SAML 2.0. Will the SSO work in this case? How?</div><div><br></div><div>Thank you for your help.</div><div><br></div><div>Regards,</div>-- <div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr">
</div></div>
<div>Eduardo Turella</div></div>