Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Anyone know how this compares to Keycloak?

Aside: I can't count the no. of times I've referred to Aaron Parecki's OAuth2 Simplified page.

EDIT: I guess Keycloak's federation options are limited to LDAP or AD but can be extended with some effort?



OIDC, which Keycloak Supports, is a tad more versatile than IndieAuth. In my experience, IndieAuth is quite a complicated dance to perform compared to OAuth2, especially since in OIDC, JWT tokens are fairly established to enable apps to get user data.

KC's tokens can get you quite a lot of insight and data about a user if you want, or nothing if necessary. IndieAuth uses HTML scraping for that.


Just to clarify: OIDC = OpenID Connect, which doesn't have much to do with the old OpenID but is based on OAuth 2.0.


OIDC is wonderfull and I have no idea why OpenID put their name on it. "OAuth2 Auto-Configuration" would have done it.


Yes, absolutely. If it was called something like "OAuth 2 Auto-Configuration and Identity", it would have caused less confusion.


Useful...Thanks!




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: