Keycloak IAM & SSO Masterclass

-- Description

This training gives you a complete overview of all Keycloak topics - practical and tailored to your needs. The choice is yours:

• Three-day masterclass for a comprehensive overall package

• 1-day “Keycloak Deployment & Operations” workshop for a targeted introduction to operation and deployment

• 2-day training course “Keycloak IAM & SSO Fundamentals”, which focuses on the basics of identity management and single sign-on

👉 You can select the option that fits you best in the shop.

Who is the Masterclass suitable for? This training is ideal if you work in development, operations or DevOps and are implementing an identity management (IAM) or single sign-on (SSO) solution with Keycloak in your company or project:

• build,
• operate,
• integrate or
• want to establish it sustainably.

Your benefits at a glance: Upon completion, you will be able to, among other things:

• Set up a secure, stable and fail-safe Keycloak environment.
• Configure Keycloak servers and clusters professionally.
• Handle authentication and OIDC confidently and securely.
• This training not only provides you with knowledge, but also with the tools you need to use Keycloak successfully in practice. Start now - and take the next step in your IAM project!

-- Agenda

Day 1 - Deployment, Operations, Observability (can be booked individually)

Server setup & configuration

• Server configuration and deployment
• Versions & upgrades
• Backup & recovery

Clustering and distributed caching

• Configuration of the Keycloak server for cluster operation
• Discussion of the various cluster discovery protocols
• Customization / tuning of the (distributed) cache configuration

Import/export, realm configuration

• Realm export & import
• Import of preconfigured realms
• Admin CLI

Performance & metrics

• Load/performance tests
• System metrics
• Event metrics

Q&A

• Discussion of various questions and topics

Day 2 - Basics, Realms & Clients, etc. (Day 2 & 3 can be booked separately)

Basics & specifications

• Single sign-on (SSO) basics
• Basic knowledge of OAuth2, OpenID Connect (OIDC) and JSON web tokens (JWT)

Realms & clients

• Principle and configuration of Keycloak realms
• First steps with tokens, claims and client scopes
• Client configurations using the example of a distributed application
• Theming of the Keycloak forms/user interfaces

Day 3 - User Management, Clients, Authentication Flows & Required Actions

User management and sources

• Organizations, users, groups and roles in Keycloak
• Creating organizations for multi-tenancy
• Assigning and inviting users to organizations
• User profiles with managed attributes, authorizations, mandatory fields, validators
• Clarification of the differences between user federation / user storage and external identity providers
• Configuration of an LDAP as a user federation
• Using your own user data sources
• Configuration of an external identity provider (identity brokering)
• Interaction between organizations and external identity providers

Authentication flows and required actions

• Design and configuration of various authentication flows
• Extension of the authentication options using custom extensions
• Use of Required Actions
• Configuration of further authentication policies

-- Your Benefits

-- Audience

The workshop is aimed at all people from development, operations and DevOps who want to set up, operate, integrate and establish a single sign-on (SSO) or identity management solution (IAM) in their company or project with Keycloak.

Technical requirements

The required YAML definitions and configuration files, as well as Keycloak extensions for the training environment will be made available to you in advance as a GitHub repository or download.

• Notebook/laptop
• Text editor (VS Code, Notepad++, etc.)
• Docker and Docker Compose V2 installed and running (if necessary, grant local admin rights on the computer)Internet access (check proxy/firewall/VPN configurations etc. if necessary)

-- Training Objectives