OAuth 2.0
OAuth 2.0 is an authorization protocol that allows applications to request limited access to user resources without sharing passwords. It operates via access tokens, enabling secure delegation of permissions. OAuth 2.0 supports multiple grant types like Authorization Code Flow and Client Credentials Flow, making it ideal for web, mobile, and API security. Keycloak implements OAuth 2.0 for SSO, access control, and API protection, supporting OpenID Connect (OIDC), User-Managed Access (UMA), and PKCE for enhanced security. It is widely used in modern authentication frameworks.
Recommended content for you
Identity Self-Service in IAM
Critical moment for app or service experience from user perspective is when they try to get something done reset a password, access an app, or…
IAM onboarding and offboarding software- make it secure and effective
The first impression doesn’t happen when a contract is signed. It happens much earlier when a user, employee, or customer touches your system for the…
What is adaptive multi-factor authentication (adaptive MFA)?
Adaptive Multi-Factor Authentication (MFA) is a scalable policy that improves organizational security by assessing potential risks during every login transaction and prompting users for additional…
Looking for enterprise SSO solutions?
Learn more about our Keycloak powered, single platform to manage access across your entire organization.