With Keycloak, censhare provides an external authentication solution that can integrate existing authentication methods. Keycloak is available in combination with censhare WP.
Release information
About Keycloak
Keycloak is an open-source identity and access management solution. Keycloak is used to integrate external authentication methods such as LDAP or SAML.
Authentication types
In terms of the type of authentication, Keycloak is very flexible. Among other things, users can be authenticated within Keycloak against an Active Directory or an LDAP server. If you already use Keycloak in your organizational network, you can use your existing Keycloak instance.
If you use an external identity provider, Keycloak serves as an identity broker between the identity provider and censhare. If you use Keycloak with the censhare standard authentication, Keycloak serves as a gatekeeper to the censhare Server.
Standard Protocols
Keycloak is published under the free Apache 2.0 license.
Keycloak is based on standard protocols and provides support for OpenID Connect, OAuth 2.0, and SAML.
Keycloak and censhare
For censhare, Keycloak is available in combination with censhare WP as of censhare 2021.2.
Keycloak can be used with all censhare clients. Existing authentication methods can be used as before for censhare Web, the censhare Client, the censhare Admin Client, and Service Client.
If you already use Keycloak in your organizational network, you can use your existing Keycloak instance. In this case, you must add and configure the censhare realm on your Keycloak server. Ask our support for an installation package without Keycloak, if you do not need to install Keycloak bundled with the censhare platform.
More information on censhare WP
Additional resources
For administrators - with productive systems
- Install Keycloak — Learn how to install a fresh Keycloak instance or use an existing one with censhare WP.
- Upgrade Keycloak — Learn about the steps to upgrade Keycloak to a later version.
- Configure Keycloak for external authentication — censhare WP requires external authentication using Keycloak as identity broker. Keycloak runs on a dedicated authentication server. Learn how to configure Keycloak to use it with censhare WP.
- Configure Keycloak with censhare standard login — Learn how to add users to Keycloak. Keycloak can be configured with the censhare standard login. Keycloak verifies the user credentials and authenticates the users. Users can log into censhare Web, the censhare Client, and censhare Admin Client.
- Configure Keycloak with LDAP — You can add an LDAP/AD service to Keycloak to log in users to censhare with their LDAP/AD user profile.
- Configure Keycloak with SAML — The SAML protocol provides single sign-on to applications across organizational boundaries. Keycloak serves as an identity broker between censhare and an identity provider.
- Enable password reset on login page — Learn how to enable users to reset their passwords on the Keycloak login page.
- Enable password change — Learn how to enable password change for censhare Web and censhare Client via Keycloak.
- Authorization mapper — The authorization mapper synchronizes the roles, domains, groups and other settings of a user from Keycloak with the user table of the censhare Server.
For developers - with local installations and for testing
Documentation by Keycloak
Keycloak - server installation
Keycloak - server administration