[keycloak-dev] authenticating applications

If SSL is a realm requirement, can't you use two-way SSL using between Keycloak and the application's server using the certificates of each of those servers? There would be no need to set up client certs. For self-signed certs you could even do what the browser does and have the admin console ask to trust the cert from the host of the application's server (vice versa too!). -- Bill Burke JBoss, a division of Red Hat http://bill.burkecentral.com