From Wikipedia, the free encyclopedia
Developer(s)WildFly, a division of Red Hat
Initial release10 September 2014; 9 years ago (2014-09-10)
Stable release
24.0.4 / 8 May 2024[1]
Written inJava
TypeSingle sign-on system
LicenseApache License 2.0

Keycloak is an open source software product to allow single sign-on with identity and access management aimed at modern applications and services. Until April 2023, this WildFly community project was under the stewardship of Red Hat, who use it as the upstream project for their Red Hat build of Keycloak. In April 2023, Keycloak was donated to the CNCF and joined the foundation as an incubating project.[2]

Keycloak supports various protocols such as OpenID, OAuth version 2.0 and SAML and provides features such as user management, two-factor authentication, permissions and roles management, creating token services, etc.[3]


The first production release of Keycloak was in September 2014, with development having started about a year earlier. In 2016, Red Hat switched the RH SSO product from being based on the PicketLink framework to being based on the Keycloak upstream Project.[4] This followed a merging of the PicketLink codebase into Keycloak.[5][6]

To some extent Keycloak can now also be considered a replacement of the Red Hat JBoss SSO open source product which was previously superseded by PicketLink.[7][8] As of March 2018, is redirecting the old jbosssso subsite to the Keycloak website. The JBoss name is a registered trademark and Red Hat moved its upstream open source projects names to avoid using JBoss, JBoss AS to Wildfly being a more commonly recognized example.[9]


There are two main components of Keycloak:

  • Keycloak server, including the API and graphical interface.
  • Keycloak application adapter: a set of libraries to call the server.[10]

See also[edit]


  1. ^ "Keycloak 24.0.4 released". 8 May 2024. Retrieved 9 May 2024.
  2. ^ "Keycloak joins CNCF as an incubating project". CNCF. Retrieved 2024-05-15.
  3. ^ "Open Source Identity and Access Management". keycloak. Retrieved 2024-01-23.
  4. ^ Atkisson, Brian (4 October 2016). "How Red Hat re-designed its Single Sign On (SSO) architecture, and why". Red Hat. Archived from the original on 9 January 2018. Retrieved 7 March 2018.
  5. ^ Dawidowicz, Boleslaw (10 March 2015). "PicketLink and Keycloak projects are merging!". Archived from the original on 11 September 2015. Retrieved 7 March 2018.
  6. ^ Peeples, Kenneth (28 May 2014). "What is the difference between Picketlink and Keycloak?". JBossDeveloper. Archived from the original on 5 April 2017. Retrieved 7 March 2018.
  7. ^ "JBosssso (archived) Website". Archived from the original on 30 May 2014.
  8. ^ Kalali, Masoud (30 May 2010). GlassFish Security. PACKT. p. 182. ISBN 978-1-847199-38-6.
  9. ^ "Load Balancing Wildfly and JBoss Application Servers with NGINX Open Source and NGINX Plus | NGINX Documentation". Retrieved 2023-10-11.
  10. ^ "Securing Applications and Services Guide".

External links[edit]