Keycloak Authentication Server

ALU uses Keycloak as the authentication server. Keycloak is an open source identity and access management server that can be used to secure applications and services with little to no code changes. Keycloak provides a variety of features such as Single Sign On (SSO), Identity Brokering and Social Login, User Federation, and many more.

In ALU we use Keycloak for user authentication and in the future we plan to use it for authorization as well.

Setting up Keycloak is out of the scope of this documentation but configuration files for the ALU realm can be found in etc/kc-custom directory. etc/compose/alu-dev directory contains a keycloak service that uses the kc-custom directory as a volume to import the realm configuration. (see setup inststructions). NOTE: You may need to import the realm configuration manually when deploying to a production system. The realm configuration file can be found at /src/etc/kc-custom/alu-realm.json.

Keycloak can be accessed at http://localhost:8888/admin after you start the ALU services. The default user name is 'admin' and password is 'password'.