Recent Blog Posts
KEYCLOAK - Setting a fixed issuer value
Keycloak derieves the issuer value, used in the openid-configuration document and in generated tokens, from the hostname settings of the server.
This is not wrong and a valid decision made by the team some time ago.
While one is not forced to do so, it’s totally ok to use the hostname as a valid issuer value.
KEYCLOAK - Flushing and clear Realm and User Caches via Admin REST API
Keycloak makes heavy use of caches, distributed and local ones. The local caches are the ones which hold realm, client and user related data. Usually you don’t need to care about cache invalidation and flushing state, this is managed under the hood by Keycloak itself. But sometimes there might be the need to clear and flush the caches manually, so that your Keycloak node(s) read(s) the data fresh from the database.
Read more »KEYCLOAK - Using an HTTP/REST client in your custom extensions
Back in the old days of legacy Wildfly-based Keycloak distributions, it was easy to use a custom HTTP- or REST-client, because Wildfly was (is) an application server and there is just a JAX-RS client available, in this case, the RESTEasyClient.
With the switch to the Quarkus application framework as the foundation architecture, it was not that easy as with Wildfly, but on still could use the ResteasyClientBuilder and create a client instance.
Now, starting with version 23 of Keycloak, also the ResteasyClientBuilder is no more able to be used.
Keycloak Dev Day 2024
I’m exited to be able to present to you the KEYCLOAK DevDay 2024, which takes place in Frankfurt, Germany on February 22nd, 2024.
Read more »FIDO Passkeys – In Zukunft ohne Passwort (Teil 3)
Im Online-Magazin Informatik-Aktuell ist der dritte Teil meiner Artikelserie über FIDO Passkeys, die Historie der Passwörter und die Zukunft der sicheren Authentifizierung erschienen.
Read more »All Blog Posts / Archive
Read all of my blog posts, find them either by tag or chronological: