Recent Blog Posts
Use Custom Infinispan Caches in Keycloak
When implementing custom Keycloak extensions (aka SPI implementations), the requirement to cache some data may arise from time to time. For example, you might want to cache the results of calls to external systems to reduce dependencies on those systems and speed up things during runtime.
Read more »Keycloak Account REST API OpenAPI Specification
Finally..! 🙏
Finally I created an OpenAPI Specification file (OAS) for the Keycloak Account REST API.
This API is available since Keycloak version… 12? 14?
I don’t remember anymore exactly.
At least for several years!
But it has never been documented, neither as OAS, nor in any other format.
Unfortunately.
The Keycloak-Token-Configuration Mistake, 90% of all Developers do
It was my first time at KeycloakCon Europe as a co-located subconference of CNCFCon/KubeCon in Amsterdam in March this year.
I gave a talk about token hygiene, named The Keycloak-Token-Configuration Mistake, 90% of all Developers do (and how to avoid it).
I discussed topics like data-minimization in terms of GDPR and proper token scopes (not using full-scope) with token exchange.
Der Deutschland-Stack ist da – und Keycloak ist die Antwort auf die Frage nach IAM
März 2026. Ein historisches Datum für die deutsche Verwaltung und für alle Unternehmen, die mit ihr arbeiten, an sie liefern oder sich an ihren Standards orientieren müssen.
Read more »All Blog Posts / Archive
Read all of my blog posts, find them either by tag or chronological: