[keycloak-dev] Some questions from a Keycloak talk

Thomas Darimont thomas.darimont at googlemail.com
Thu Mar 30 06:43:36 EDT 2017

Hi group,

yesterday I gave a talk about Keycloak at the Javaland conference in
The talk was well attended (~100) and I got a lot of questions at the end.

Some of the things people asked for were:
Q1: Will Keycloak support JWT with EC signature?

Q2: How to integrate Keycloak login forms or use custom login components
in Single Page Applications?

Q3:Will the Spring Boot Adapter make use of the Spring Security Adapter
instead of
using the Servlet Container specific implementations?

Q4: Is there a reserved path for custom REST-Resources to avoid
clashes with Keycloak REST-Resources in new releases?

Q5: Is there a documentation of all exposed Resource paths in Keycloak
 (appart from the REST API Docs)?

Q6: Are there some guidelines for protecting a Keycloak server?

Q7: The RH-SSO commercial offering states that it is based on the Open
Community Edition of Keycloak and that on can get patches and support.
Will those patches (e.g. for security vulnerabilities) also end up in the
Community Edition?

In addition to those questions. Some people asked for a list of services
using Keycloak.

Since not many people talk about that they are using Keycloak
I found a nice way to find some Keycloak installations with a simple
google search, just try:

inurl:auth inurl:realms inurl:protocol


More information about the keycloak-dev mailing list