Turn Your Vehicle Into a Smart Earning Asset

While you’re not driving your car or bike, it can still be working for you. MOTOSHARE helps you earn passive income by connecting your vehicle with trusted renters in your city.

🚗 You set the rental price
🔐 Secure bookings with verified renters
📍 Track your vehicle with GPS integration
💰 Start earning within 48 hours

Join as a Partner Today

It’s simple, safe, and rewarding. Your vehicle. Your rules. Your earnings.

Keyclock: A Identity & SSO tools

Keycloak: Identity & SSO Tool (IAM in one box)

What it is

Keycloak is an open-source Identity and Access Management (IAM) platform that provides Single Sign-On (SSO), user federation, identity brokering, and fine-grained authorization for web, mobile, and APIs. It implements open standards: OpenID Connect (OIDC), OAuth 2.0, and SAML 2.0.

Core concepts (quick map)

  • Realm: Isolation boundary (tenants). Users, clients, and roles live inside a realm.
  • Client: An app (web, SPA, mobile, API) that uses Keycloak for login or token issuing.
  • Users / Groups: Identities and their organization.
  • Roles: Permissions attached to users/groups (realm roles) or to specific clients (client roles).
  • Mappers: Add custom claims (e.g., roles, email) into tokens.
  • Identity Providers (IdP): External SSO sources (e.g., Google, Azure AD); Keycloak can broker them.
  • Federation: Sync users from LDAP/AD.

What problems it solves

  • Centralized login across many apps (SSO)
  • Standards-based auth for SPAs, mobile apps, and microservices
  • RBAC via realm/client roles in JWTs
  • Social/enterprise login without custom code
  • Admin UI + Admin REST API for automation

Common architectures

  1. Web app → OIDC Authorization Code + PKCE (server session)
  2. SPA + API → SPA gets tokens from Keycloak; API validates JWT (bearer-only)
  3. Gateway/Proxy → oauth2-proxy/ingress handles OIDC, passes user headers to apps
  4. B2E with LDAP/AD → user federation + SSO to internal apps
  5. B2C → social logins, self-service registration, custom themes

Why teams choose Keycloak

  • Open-source, no per-user fees
  • Full control: self-hosted (VMs, containers, Kubernetes Operator)
  • Extensible (themes, custom providers, hooks)
  • Strong standards support and ecosystem

Quick start (local)

docker run -p 8080:8080 \
  -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin \
  quay.io/keycloak/keycloak:latest start-dev
# Admin console: http://localhost:8080
Code language: PHP (php)
  1. Create a realm
  2. Add a client (e.g., your app)
  3. Configure redirect URIs and web origins
  4. Create users/roles and add mappers for roles → tokens

Integration patterns (at a glance)

  • Laravel (SSR): OIDC Authorization Code + PKCE via Socialite + Keycloak provider; map Keycloak user → local user; optional SSO logout via end_session endpoint.
  • Laravel API: Bearer-only; validate JWT signature via realm JWKS; read roles from realm_access / resource_access.
  • Node/React/Vue: Use official Keycloak JS adapter or generic OIDC libraries.
  • Kubernetes: Run Keycloak via Operator; front apps with oauth2-proxy or Envoy/OIDC filter.

Security & ops checklist

  • Enforce PKCE and HTTPS everywhere
  • Rotate admin creds; restrict admin console access
  • Set token lifetimes and reuse detection; enable Front-Channel Logout if needed
  • Back up realm exports; use Infrastructure-as-Code for realms/clients
  • Monitor with health endpoints; scale with stateless pods + external DB

Theming & UX

  • Customize login/registration/forgot-password pages with themes
  • Localize strings; inject branding and CSS without forking core

When to consider alternatives

  • You need a fully managed SaaS (Auth0, Okta, Azure AD B2C)
  • Strict enterprise compliance + support SLAs without self-hosting

Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments

Certification Courses

DevOpsSchool has introduced a series of professional certification courses designed to enhance your skills and expertise in cutting-edge technologies and methodologies. Whether you are aiming to excel in development, security, or operations, these certifications provide a comprehensive learning experience. Explore the following programs:

DevOps Certification, SRE Certification, and DevSecOps Certification by DevOpsSchool

Explore our DevOps Certification, SRE Certification, and DevSecOps Certification programs at DevOpsSchool. Gain the expertise needed to excel in your career with hands-on training and globally recognized certifications.

0
Would love your thoughts, please comment.x
()
x