[keycloak-user] Need info for network security
Dmitry Telegin
dt at acutus.pro
Mon Jul 30 22:01:41 EDT 2018
Hi Ranjan,
On Mon, 2018-07-30 at 08:00 +0000, Pakira, Ranjan wrote:
> Hi,
> We are planning to setup Keycloak in new Network and network security team need some information. Can you please help us with the answer of the following queries?
>
> How is this user data secured in rest and in transit?
It is recommended that the data in transit be protected with SSL/TLS.
It can be configured either in Keycloak or (preferably) on the reverse
proxy / load balancer side.
OpenID Connect and REST services use JSON message format. No additional protection is involved aside from SSL/TLS.
SAML protocol can use additional message-level security, like encrypted/signed assertions.
> How is in control of Keyclock? and do you have the correct process around access, Starters movers leavers etc?
If you meant "who is in control of Keycloak", it is developed by Red Hat with contributions from the community. I'd suggest that you contact Red Hat directly re the process.
Cheers,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info at acutus.pro
>
> Thanks & Regards,
> Ranjan Pakira
>
> This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message.
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list