Run Backstage with Keycloak SSO on Ubuntu (Without Docker, Minimal Changes)
The official Backstage docs are excellent and very complete. They also move fast: Docker images, Postgres, Kubernetes, and a lot […]
Backstage, Keycloak
Keycloak
Keycloak, Redmine
How to Enable Keycloak OAuth Login in Redmine
This guide is a continuation of our previous tutorial:How to Install Redmine 6.0.6 on Ubuntu 24.04 with PostgreSQL, RVM, Ruby,
DefectDojo, Keycloak
Enable SSO in DefectDojo with Keycloak using OpenID Connect (OIDC)
DefectDojo supports Single Sign-On (SSO) using OpenID Connect (OIDC). This guide shows how to securely integrate DefectDojo with Keycloak, making
Harbor, Keycloak
Authenticate Harbor with Keycloak via OIDC
Secure your Harbor registry using Keycloak as an OpenID Connect (OIDC) identity provider. This guide walks you through configuring Keycloak
Keycloak, ThingsBoard
How to Enable OAuth2 Login in ThingsBoard 4.0.1 Community Edition Using Keycloak and HAProxy
ThingsBoard is a powerful open-source IoT platform supporting device management, telemetry, dashboards, and multi-tenancy. In this guide, I’ll show you
Keycloak
Enable Google Login by Adding Google as an Identity Provider in Keycloak
You can easily allow users to log in to your Keycloak realm using their Google accounts. This guide walks you
AWS EC2, Email Hosting, Keycloak
Configure Keycloak Email with Zoho Mail on AWS EC2
When running Keycloak on an AWS EC2 instance, like my own deployment at keycloak.maksonlee.com, you’ll likely want to enable features
Jenkins, Keycloak
Map Keycloak Client Roles to Jenkins Groups
In a previous post, we integrated Jenkins with Keycloak using OpenID Connect (OIDC). Now let’s go one step further: map
Keycloak, OpenDJ
Sync OpenDJ Nested Groups to Keycloak
When integrating OpenDJ with Keycloak, syncing LDAP groups, especially nested groups, as Keycloak groups is essential for centralized, scalable access control across applications. Unlike OpenLDAP, OpenDJ
Keycloak
Restrict Keycloak Client Login by Role
By default, Keycloak allows any authenticated user to access any client in a realm. In production, we often want to