Keycloak is an open source and easy way (it boasts 'no code') Identity and Access Management. It works with 'single sign on' (SSO) too, which is the main reason I am investigating it.
For SSO users authenticate with keycloak and it handles things from there, so no login forms and validation code. It can also bridge with Kerberos (LDAP or AD), so once they have logged in on their workstation they will be authenticated automatically.
- A case sensitive name given to a particular domain or area where you will be issued a challenge. This means there could be a page or group of pages where credentials are needed. It comes from the Latin 'regimen' meaning 'government'
docker run -p 8080:8080 -e KEYCLOAK_USER=<USERNAME> -e KEYCLOAK_PASSWORD=<PASSWORD> jboss/keycloak
Then continue the tutorial at