Keycloak (Identity Broker)
- 15 Nov 2024
- 1 Minute to read
- Contributors
- Print
- PDF
Keycloak (Identity Broker)
- Updated on 15 Nov 2024
- 1 Minute to read
- Contributors
- Print
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
The Autoform DM SSO capability requires that Keycloak is installed and available to act as an identity broker for Autoform DM.
The (typical) supported Keycloak deployment scenarios are described below.
Decide the preferred architecture in advance of setting up Autoform DM SSO, so that naming and connectivity matters can be considered during the setup process.
Note
Autoform DM can use an existing Keycloak instance that is already used by other applications. In this scenario, Autoform DM will be introduced into the existing security domain.
Dedicated Keycloak Instances
Each Autoform DM environment uses its own dedicated Keycloak instance and no other applications are integrated into each instance.
This could be the preferred option if a strong demarcation between applications and systems is required or if there are network constraints. However, using more Keycloak instances creates additional configuration and maintenance overhead.
Shared Keycloak Instance
To reduce resource and maintenance overheads, a single Keycloak instance can be shared by multiple Autoform DM installations. For example, two Autoform DM environments (Dev and Test) can share a Keycloak instance.