Re: [keycloak-user] Exposing keycloak to clients or hide it
There are two main things you'd miss:
* Direct support for roles - there are ways to do this though
* Backchannel logout - our logout mechanism for OIDC is currently
proprietary as there was no OIDC spec for it when we implemented it, and
it's still only a draft I believe
On 6 February 2017 at 16:40, Istvan Orban <istvan.orban(a)gmail.com> wrote:
Hi Everyone,
I have set-up keycloak locally and I like it a lot. I generally like to
hide implementation detail from related services so that they can be
decoupled.
I know keycloak have libs for plenty of different frameworks etc, although
I am thinking about setting it up using Apache and mod_auth_openidc
The advantage is that our software will have openid connect as a dependency
rather than keycloak. I would like to ask you what I am missing out with
such a setup?
Are there any major features I am loosing by not using keycloak specific
clients libs to connect my appllications to keycloak directly?
Thanks for any insights !
Istvan
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user