I use Keycloak a lot for authentication and authorisation and I like its flexibility and richness of features.
Running it in production is a no-brainer, the only problem we got was some bad behaviours of some clients that issue a token for every API call as it can put some stress on Keycloak, has to implements some rate limiting in front ok Keycloak to avoid that.
Running it in production is a no-brainer, the only problem we got was some bad behaviours of some clients that issue a token for every API call as it can put some stress on Keycloak, has to implements some rate limiting in front ok Keycloak to avoid that.
I try to ease its usage with Clojure with https://github.com/jgrodziski/keycloak-clojure I wrote some documentation about Keycloak concepts here: https://cljdoc.org/d/keycloak-clojure/keycloak-clojure/1.30....