Evaluating Performance Impacts in Identity Management based on Keycloak and OpenID Connect
Abstract
Using third-party identity providers (IdP) to allow authentication and authorization lets web developers add different IdPs easily. Centralized authentication/authorization services, such as the robust Keycloak framework, provide a reliable and straightforward solution for web developers, ensuring easy and efficient authentication and authorization management. However, Keycloak may introduce some latency and increase the payload of the system traffic. We analyze Keycloak employing OpenID Connect and solely OpenID Connect performance, focusing on identity and token delegation and characterizing their impacts and behavior.References
Dollimore, J. and Kindbergr, T. (1998). Fundamentos de Sistemas Distribuídos, chapter 2, pages 38–67. Bookman, 4 edition.
Silva, I. P. and Thorgersenm, S. (2021). Keycloak - Identity and Access Management for Modern Applications: Harness the power of Keycloak, OpenID Connect, and OAuth 2.0. packet.
Wilson, Y. and Hingnikar, A. (2022). Solving Identity Management in Modern Applications: Demystifying OAuth 2.0, OpenID Connect, and SAML 2.0.
Silva, I. P. and Thorgersenm, S. (2021). Keycloak - Identity and Access Management for Modern Applications: Harness the power of Keycloak, OpenID Connect, and OAuth 2.0. packet.
Wilson, Y. and Hingnikar, A. (2022). Solving Identity Management in Modern Applications: Demystifying OAuth 2.0, OpenID Connect, and SAML 2.0.
Published
2024-09-16
How to Cite
BUNN, Carlos D. S.; MIERS, Charles C..
Evaluating Performance Impacts in Identity Management based on Keycloak and OpenID Connect. In: WORKSHOP OF DIGITAL IDENTITY MANAGEMENT - BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 24. , 2024, São José dos Campos/SP.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2024
.
p. 197-200.
DOI: https://doi.org/10.5753/sbseg_estendido.2024.243372.
