Wei Li David Martin Do we require a keycloak wrapper for this? At the moment it looks like all the functions we want in the auth module will be directly provided by keycloak. If, however, we envisage there being a need to extend it in the future (with the possibility our new functions won't have a 1:1 pairing) then it might make sense to have a thin wrapper at the moment and then build it out as more requirements come in.

What do you think?