Guide of Authentication and Authorization for Cloud Native Applications with Keycloak – Michito Okai, Hitachi, Ltd.
How do you enable authentication and authorization for cloud native applications such as Kubernetes, Grafana and Argo CD? If you do not implement appropriate authentication and authorization, cloud native applications have many security risks such as Broken Access Control in OWASP Top 10 2021 and Broken Authentication in OWASP API Security Top 10 2023. To enable appropriate authentication and authorization, you need to adhere standard specifications and satisfy inherent requirements in a project, for example, identity federation and security level. Therefore, you need to choose an authentication and authorization product that fits your project’s use case. In April 2023 Keycloak – an Identity and Access management OSS – joined CNCF as an incubating project and we can use authentication and authorization for cloud native applications. Keycloak enables Single Sign On, password less authentication and social login for administrators and users. Also, Keycloak adheres not only OAuth 2.0 but also the highly secured profiles such as Financial-grade API for micro services and APIs. In addition, authorization using IoT devices with Kubernetes can be realize with Keycloak. Thus, Keycloak will be the most favorite choice of authentication and authorization products. In this session, Michito Okai will introduce the above use cases of Keycloak for cloud native applications.
