Nacho
Keycloak OpenID Connect Provider
Keycloak is an open-source identity and access management solution that provides a comprehensive set of features to authenticate and authorize users.
Features
If you want to compare OpenID Connect features of different providers, please check out the OpenID Connect Providers benchmark.
Looking for Keycloak’s (C)IAM features like MFA, SSO, and user management? View Keycloak on the (C)IAM Identity Providers benchmark.
Frequently Asked Questions
Does Keycloak support the Authorization Code grant type?
Keycloak supports Authorization Code grant type. Read more
Does Keycloak support the Refresh Token grant type?
Keycloak supports Refresh Token grant type. Read more
Does Keycloak support the Client Credentials grant type?
Keycloak supports Client Credentials grant type. Read more
Does Keycloak support the Implicit grant type?
Keycloak supports Implicit grant type. Read more
Does Keycloak support the Token Exchange grant type?
Keycloak supports Token Exchange grant type. Read more
Does Keycloak support the Client Initiated BackChannel Authentication grant type?
Keycloak supports Client Initiated BackChannel Authentication grant type. Read more
Does Keycloak support the Device Authorization Grant grant type?
Keycloak supports Device Authorization Grant grant type. Read more
Does Keycloak support the JWT Bearer Token grant type?
Keycloak supports JWT Bearer Token grant type. Read more
Does Keycloak support the SAML 2.0 Bearer Assertion grant type?
Keycloak does not support SAML 2.0 Bearer Assertion grant type.
Does Keycloak support the Resource Owner Password Credentials grant type?
Keycloak supports Resource Owner Password Credentials grant type. Read more
Does Keycloak support the PKCE extension?
Keycloak supports PKCE extension. Read more
Does Keycloak support the PAR extension?
Keycloak supports PAR extension. Read more
Does Keycloak support the RAR extension?
Keycloak does not support RAR extension. Read more
Does Keycloak support the JAR extension?
Keycloak supports JAR extension. Read more
Does Keycloak support the Authorization Endpoint endpoint?
Keycloak supports Authorization Endpoint endpoint. Read more
Does Keycloak support the Token Endpoint endpoint?
Keycloak supports Token Endpoint endpoint. Read more
Does Keycloak support the UserInfo Endpoint endpoint?
Keycloak supports UserInfo Endpoint endpoint. Read more
Does Keycloak support the Token Revocation endpoint?
Keycloak supports Token Revocation endpoint. Read more
Does Keycloak support the Token Introspection endpoint?
Keycloak supports Token Introspection endpoint. Read more
Does Keycloak support the Device Authorization Endpoint endpoint?
Keycloak supports Device Authorization Endpoint endpoint. Read more
Does Keycloak support the OpenID Connect Discovery Endpoint endpoint?
Keycloak supports OpenID Connect Discovery Endpoint endpoint. Read more
Does Keycloak support the OAuth 2.0 Authorization Server Metadata Endpoint endpoint?
Keycloak partially supports OAuth 2.0 Authorization Server Metadata Endpoint endpoint. Supports through OpenID Connect Discovery Read more
Does Keycloak support the none token endpoint authentication method?
Keycloak supports none token endpoint authentication method. Read more
Does Keycloak support the client_secret_basic token endpoint authentication method?
Keycloak supports client_secret_basic token endpoint authentication method. Read more
Does Keycloak support the client_secret_post token endpoint authentication method?
Keycloak supports client_secret_post token endpoint authentication method. Read more
Does Keycloak support the client_secret_jwt token endpoint authentication method?
Keycloak supports client_secret_jwt token endpoint authentication method. Read more
Does Keycloak support the private_key_jwt token endpoint authentication method?
Keycloak supports private_key_jwt token endpoint authentication method. Read more
Does Keycloak support the tls_client_auth token endpoint authentication method?
Keycloak supports tls_client_auth token endpoint authentication method. Read more
Does Keycloak support the none prompt?
Keycloak supports none prompt. Read more
Does Keycloak support the login prompt?
Keycloak supports login prompt. Read more
Does Keycloak support the consent prompt?
Keycloak supports consent prompt. Read more
Does Keycloak support the select_account prompt?
Keycloak supports select_account prompt. Read more
Does Keycloak support the create prompt?
Keycloak does not support create prompt. Read more
Does Keycloak support the RP-initiated Logout feature?
Keycloak supports RP-initiated Logout feature. Read more
Does Keycloak support the Dynamic Client Registration Protocol feature?
Keycloak supports Dynamic Client Registration Protocol feature. Read more
Does Keycloak support the Dynamic Client Registration Management Protocol feature?
Keycloak supports Dynamic Client Registration Management Protocol feature. Read more
Does Keycloak support the Refresh Token Rotation feature?
Keycloak supports Refresh Token Rotation feature. Read more
Does Keycloak support the OAuth 2.0 Demonstrating Proof of Possession (DPoP) feature?
Keycloak supports OAuth 2.0 Demonstrating Proof of Possession (DPoP) feature. Read more
Does Keycloak support the FAPI 1.0 Security Profile - Part 1: Baseline feature?
Keycloak supports FAPI 1.0 Security Profile - Part 1: Baseline feature. Read more
Does Keycloak support the FAPI 1.0 Security Profile - Part 2: Advanced feature?
Keycloak supports FAPI 1.0 Security Profile - Part 2: Advanced feature. Read more
Does Keycloak support the FAPI 2.0 Security Profile feature?
Keycloak supports FAPI 2.0 Security Profile feature. Read more
Does Keycloak support the FAPI 2.0 Message Signing feature?
Keycloak supports FAPI 2.0 Message Signing feature. Read more
Does Keycloak support the JARM feature?
Keycloak supports JARM feature. Read more
Note: The current data is based on provider documentation/experience and may not be 100% accurate. Please open an issue if you have spotted any inconsistencies.