Pascal FLAMAND

IAM sovereignty has become a strategic necessity rather than a purely technical option. IAM sovereignty has become a strategic necessity rather than a purely technical option. janua.fr/iam-the-hidden…

How to get self-locking sessions in Keycloak with PIN step-up authentication : with our partner Please-Open It with share with you this article. janua.fr/self-locking-s… #keycloak #redhatSSO #CIAM #SSO #community

Get rid of your old Active directory/LDAP with keycloak and a small piece of custom software : just a POC for a LDAP bind proxy to log to KeyCloak with LDAP. janua.fr/ldap-bind-prox… #keycloak #redhatsso #IAM #CIAM #OpenSource

Keycloak OAuth2-Proxy Configuration Generator: we strongly advocate the use of authentication proxy pattern, the most efficient ways to secure applications without modifying their code. janua.fr/simplify-your-… #keycloak #redhatSSO #SSO

What is and how to use Keycloak Authenticator. An « authenticator » is a step in an authentication process, called « Authentication flow ». An impressive list of authenticators are available with Keycloak : janua.fr/keycloak-authe… #keycloak #redhatSSO #SSO #CIAM #IAM

How to simplify authentication in any application with an authentication proxy ? Over the years, we’ve encountered the same challenges repeatedly. janua.fr/authentication… #keycloak #redhatSSO #security #community

Keycloak roles restriction and full scopes. Learn with this article how and why you must restrict roles in tokens by turning off « full scope allowed » switch. janua.fr/keycloak-roles…

Keycloak has announced "workflows" as a preview feature. A welcome feature we already implemented years ago with... n8n. This is how we did : blog.please-open.it/posts/keycloak…

Another module for Keycloak : user attribute regexp mapper Because in Keycloak user attributes are multivalued (with ability to aggregate them with "user attribute mapper"), we added a regexp filter only to send back attribute if it matches. github.com/please-openit/…

Keycloak roles restriction and full scopes : for security concerns, you must restrict roles to a subset through the « Full Scope Allowed » janua.fr/keycloak-roles…

With our partner please-open.it we implement everything necessary for our customers’ use cases. . How to make your custom workflow with Keycloak ? janua.fr/how-to-make-yo… #keycloak #IAM #SSO

A JWT decoder in the system tray, to enhance your productivity setting up KeycCloak. With our customers, we decode JWT tokens dozens of times a day. janua.fr/a-jwt-decoder-… #keycloak @redhatSSO #SSO #IAM

A custom http header to token claim mapper for Keycloak : Our main partner please-open-it implement everything necessary for our customers’ use cases. And one of our clients asked us: how to pass the locale when authenticating in “client_credentials”? #keycloak #redhatsso

Tired of always opening jwt.io?

Keycloak User Agent Filter Authenticator: an authenticator that filters the user-agent header for Keycloak to exclude embedded webviews, ensuring compliance with specification requirements. The component reduces the attack surface janua.fr/keycloak-user-…

@PierreArlais That's it

Keycloak roles restriction and full scopes : for security concerns, you must restrict roles to a subset through the « Full Scope Allowed » Switch as by default a client has « roles » scope as « default » ... janua.fr/keycloak-roles…

Get rid of your old Active directory/LDAP with keycloak and a small piece of custom software : just a POC for a LDAP bind proxy to log to KeyCloak with LDAP janua.fr/ldap-bind-prox…

This article will share how to enrich native metrics in Keycloak with Micrometer and add yours. janua.fr/enrich-native-…

Le Puy Du Fou utilise Jaguards pour la digitalisation de ses services de sécurité. jaguards.com/le-puy-du-fou-…