The Keycloak Token Config Mistakes 90% of All Developers Get Wrong (and how to avoid)

Transcript

1. THE KEYCLOAK MISTAKES THAT 90% OF ALL DEVELOPERS GET WRONG

   (…THE THIRD ONE WILL SURPRISE YOU..! 😅)

2. ABOUT ME ▸ Independent Consultant/Architect/Developer/Trainer ▸ Doing stuff with &

   without Computers, Software, > 25 yrs ▸ "Mr. KEYCLOAK" since 2015 (v1.x) ▸ Organizer of KEYCLOAK DevDay Conf (keycloak-day.dev) ▸ Member of various IAM Expert groups & communities ▸ Co-Lead of JUG DA (www.jug-da.de / @JUG_DA) ▸ Web: www.n-k.de / Social: @dasniko YouTube: youtube.com/@dasniko

3. https://keycloak-day.dev

4. API 1 WebApp API 2 THE KEYCLOAK MISTAKE THAT 90%

   OF ALL DEVELOPERS GET WRONG SCENARIO: TOKEN PROPAGATION

5. API 1 WebApp (Frontend / SPA) API 2 THE KEYCLOAK

   MISTAKE THAT 90% OF ALL DEVELOPERS GET WRONG SCENARIO: MINIMUM SCOPED TOKEN

6. API 1 WebApp (Frontend / SPA) API 2 THE KEYCLOAK

   MISTAKE THAT 90% OF ALL DEVELOPERS GET WRONG SCENARIO: MINIMUM SCOPED TOKEN Backend (for Frontend)

7. THE KEYCLOAK MISTAKE THAT 90% OF ALL DEVELOPERS GET WRONG

   NIKO KÖBLER | www.n-k.de | [email protected] | @dasniko THANK YOU. ANY QUESTIONS? More info / slides: https://linktr.ee/dasniko

8. MY PUBLIC RESOURCES AND STUFF ➡ Overview / Links: linktr.ee/dasniko

   ➡ Website / Info: www.n-k.de ➡ YouTube / Videos: youtube.com/@dasniko ➡ GitHub / Examples: github.com/dasniko ➡ Speakerdeck /Slides: speakerdeck.com/dasniko