So if Keycloak Proxy is not an option (nor anything similar to that), I
would also stay away from anything close to the "adapter".
Therefore, +1 to Keycloak Gatekeeper (@Bruno, I changed my vote in the
On Tue, Aug 21, 2018 at 11:58 PM Stian Thorgersen <sthorger(a)redhat.com>
Sure, proxy is the obvious name, but for reasons already mentioned by
it's not really an option for us.
It comes from the Keycloak team, so it should have the Keycloak name in it.
I agree that doesn't automatically state it's a generic OIDC adapter, but
I'd like to keep our name in there.
>From the suggestions so far there are two I like:
* Keycloak Gatekeeper - suggested by Thomas on the poll. I really like this
and it fits nicely with Keycloak. It's also so much cooler than
* Keycloak Standalone Adapter
On Tue, 21 Aug 2018 at 04:27, Fox, Kevin M <Kevin.Fox(a)pnnl.gov> wrote:
> Coming from the outside world, I mostly searched for oidc and proxy as
> thats what I needed. I found oauth2_proxy after a little searching, but
> have been disappointed in how slow its releases are. Bugs aren't getting
> fixed quickly. When I looked at keycloak-proxy initially, I didn't look
> closer for a while as i thought is was keycloak specific.
> So, something like oidc-proxy might get you more successful hits.
> From: keycloak-user-bounces(a)lists.jboss.org [
> keycloak-user-bounces(a)lists.jboss.org] on behalf of Alex Szczuczko [
> Sent: Monday, August 20, 2018 2:04 PM
> To: Bruno Oliveira; Hynek Mlnarik
> Cc: keycloak-dev; keycloak-user
> Subject: Re: [keycloak-user] Keycloak Proxy Rename
> In thinking a new name, I tried to look hard at these things:
> 1. what this software actually does.
> 2. what makes this software desirable to a user.
> 3. what "adapter" has meant for keycloak in the past.
> I'm not the best person to answer these questions, but here's what I've
> dug up:
> 1. Accepts HTTP requests and talks with Keycloak via OIDC to see if
> the client it serves should treat the requests as authenticated
> and/or authorized.
> 2. It avoids the need to install a bit of Keycloak software into the
> users' applications.
> 3. According to the docs: Keycloak client adapters are libraries
> that makes it very easy to secure applications and services with
> Keycloak ... our adapters easy to use and they require less
> boilerplate code than what is typically required by a library.
> #1 is what we've been focusing on with names like "proxy". The
> such names are dissatisfying is there is nothing unique about sitting in
> between two endpoints and doing stuff. So, we need to look at what that
> "stuff" means for Keycloak.
> #3 in combination with #2 tells us what this "stuff" means for Keycloak.
> This new software is clearly not an adapter. Actually, this new software
> accomplishes the mission of an adapter better than adapters themselves!
> Following that logic, Superadapter is my main proposal for a new name.
> Maybe throw in OIDC (oidc-superadapter) if there's ever going to be a
> Alternatively, we could focus on the lack of an adapter, with names
> based on terms like Adapterless:
> - AKI: Adapterless Keycloak Integrator
> - KOSA: Keycloak OIDC Sans-Adapter
> - AKOS: Adapterless Keycloak OIDC Server
> - KOAF: Keycloak OIDC Adapter-Free
> - etc...
> Quoting Bruno Oliveira (2018-08-20 09:54:42)
> > Only to give a brief context for people not aware of it. Keycloak
> > Generic Adapter was not well accepted, because the naming is too
> > vague. So we have to reopen this discussion and think about a better
> > naming.
> > During our team call today I suggested just "keycloak-adapter",
> > would cover the apps which don't have its own specific adapter
> > solution.
> > That said, maybe we should open a new poll? I just created a new one
> > where people can vote/suggest:
> > https://poll.ly/#/Lbww4ebG
> keycloak-user mailing list
> keycloak-user mailing list
keycloak-user mailing list