Securing Applications

Phase Two is an implementation of the OpenID Connect specification. That means, no custom libraries or code are required Your applications and services can be secured using any compliant OpenID Connect Relying Party library. There are lists maintained by the OpenID Foundation of client libraries.

• Certified OpenID Connect Implementations
• Uncertified OpenID Connect Implementations

Confused? We will also use this category as a place to provide language and framework specific guides to make securing your applications easier.

Guides

📄️ JavaScript

Most modern applications are being built as single-page apps. The easiest way to secure these is with the JavaScript keycloak-js library. If you are using a package manager like NPM, you can use it from there. If you are importing it direclty, the library is served by the server at `https:///auth/js/keycloak.js

📄️ React

Many SPAs use a framework such as React to simplify the creation of interactive experiences. We suggest the use of the open source react-keycloak library to make securing React applications easier.

📄️ Next.js

This example uses Next.js 13 and splits server and client components accordingly.

📄️ Vue.js

📄️ Nuxt

This example uses Nuxt3. There are a couple methods by which you can integrate Keycloak to your Nuxt application. We're going to explore two methods here, one uses keycloak-js and the other leverages oidc-client-ts. The keycloak-js library provides a simple, client-only method, but lacks some of the sophistication provided by the oidc-client library that is heavily supported and more widely used.

📄️ Django

The following could be applied to an existing Django application, but we have chosen to use the excellent tutorial application built by Mozilla as our example. If you aren't yet familiar with Django, we encourage you to follow the tutorial there.

Libraries

Also, here is an unofficial list of OpenID Connect libraries we've heard good things about. Please email us if you're a library author, and you'd like to see your library linked here, or if you've had success with a library not listed here.

• JavaScript (client-side)
  • OIDC Client
  • React OIDC Context
  • NextAuth.js (will become Auth.js)
  • Auth.js
  • Keycloak JavaScript Adapter (the keycloak-js adapter is deprecated by Keycloak)
• Node.js (server-side)
  • Node.js
• Python
  • oidc
• Go
  • gocloak
• Android
  • AppAuth
• iOS
  • AppAuth
• PHP
  • oauth2-keycloak
• C#
  • OWIN