After spending some time reading about keycloak and the open id connect specification
(seems that it was just finalized yesterday), I am getting the impression that keycloak
and open id connect are competing technologies. They seem very similar in implementation
since they are both build on top of OAuth 2 and JWT, while solving a similar problem,
which is that OAuth 2 on it's own is an authorization framework and not an
authentication mechanism.
My assumptions could very well be incorrect, as I haven't spent enough time digging
into both offerings to assert the above with any sort of certainty.
Bill (et al), would you kindly address my concerns as outlined above and perhaps explain
why they are or aren't competing technologies, how they may compliment each other or
how they could be used together in either an enterprise (closed environment) or web (open
social environment) setting?
Thanks a lot for your time.
J