Keycloak authentication

With Keycloak, censhare provides an external authentication solution that can integrate existing authentication methods. Keycloak is available in combination with censhare WP.

Release information

As of censhare 2021.2.x, censhare uses Keycloak as default authentication solution. This implies important changes on the authentication configuration. 

About Keycloak

Keycloak is an open-source identity and access management solution. Keycloak is used to integrate external authentication methods such as LDAP or SAML. 

Authentication types

In terms of the type of authentication, Keycloak is very flexible. Among other things, users can be authenticated within Keycloak against an Active Directory or an LDAP server. If you already use Keycloak in your organizational network, you can use your existing Keycloak instance. 

If you use an external identity provider, Keycloak serves as an identity broker between the identity provider and censhare. If you use Keycloak with the censhare standard authentication, Keycloak serves as a gatekeeper to the censhare Server. 

Standard Protocols

Keycloak is published under the free Apache 2.0 license.

Keycloak is based on standard protocols and provides support for OpenID Connect, OAuth 2.0, and SAML.

Multi-factor authentication (MFA)

Keycloak allows you to set up MFA. This configuration is not censhare-specific. For this reason, please feel free to check the documentation provided by Keycloak itself or other resources. 

Keycloak and censhare

For censhare, Keycloak is available in combination with censhare WP as of censhare 2021.2.

Keycloak can be used with all censhare clients. Existing authentication methods can be used as before for censhare Web, the censhare Client, the censhare Admin Client, and Service Client.

If you already use Keycloak in your organizational network, you can use your existing Keycloak instance. In this case, you must add and configure the censhare realm on your Keycloak server. Ask our support for an installation package without Keycloak, if you do not need to install Keycloak bundled with the censhare platform.

More information on censhare WP

Additional resources

For administrators - with productive systems

For developers - with local installations and for testing

• Setup local Keycloak instance
• Set up Keycloak authentication for censhare clients (macOS)
• Install and configure Keycloak (Windows)Install and configure Keycloak (Windows)

Documentation 

• Keycloak Guides at keycloak.org:

  • Get started

  • Server installation

  • Server administration

  • Admin Rest API

• Keycloak - curated list
  Learning resources on the Open Source Identity and Access Management solution Keycloak.
  Contains books, websites, blog posts, and links to GitHub repositories.
• Why Keycloak - demonstration
  A high-level introduction to Keycloak. Why censhare chooses Keycloak as Identity and Access Management.
  Created by our academy team.