Software Alternatives, Accelerators & Startups
Register | Login

Keycloak VS IdentityServer

Compare Keycloak VS IdentityServer and see what are their differences

ComplyCube
Verify your customers in under 15 seconds anywhere in the world with a cutting-edge SaaS & API platform for Identity Verification and AML/KYC compliance. featured
Contents:
  1. » Base Details
  2. » Videos
  3. » Reviews
  4. » Alternatives

Keycloak logo Keycloak

Open Source Identity and Access Management for modern Applications and Services.

IdentityServer logo IdentityServer

An open-source, standards-compliant, and flexible OpenID Connect and OAuth 2.x framework for ASP.NET Core
  • Keycloak Landing page
    Landing page //
    2022-03-20
  • IdentityServer Landing page
    Landing page //
    2023-02-03

Keycloak features and specs

  • Open-Source
    Keycloak is an open-source identity and access management solution, which means it is free to use and has a community-driven support system. This can lead to lower costs and more flexibility compared to proprietary solutions.
  • Feature-Rich
    Keycloak offers a comprehensive set of features including single sign-on (SSO), multi-factor authentication (MFA), user federation, identity brokering, and social login. This makes it suitable for a wide range of use cases.
  • Customizability
    With Keycloak, you can customize the authentication and authorization processes through its extensible architecture, allowing for the addition of custom features and integrations.
  • Integration Capability
    Keycloak supports integration with various protocols such as OAuth 2.0, OpenID Connect, and SAML, making it versatile for integrating with different platforms and services.
  • Active Community
    Keycloak has an active and growing community of developers and users who contribute to its improvement and provide support, resources, and shared knowledge.

Possible disadvantages of Keycloak

  • Complexity
    Keycloak can be complex to set up and configure, especially for users who are not familiar with identity and access management concepts. This may require additional time and expertise.
  • Resource-Intensive
    Running Keycloak can be resource-intensive, requiring more CPU and memory compared to simpler authentication solutions. This may necessitate higher infrastructure costs.
  • Learning Curve
    The learning curve for Keycloak can be steep for new users due to its wide range of features and configuration options. Ample time might be required to fully understand and utilize its capabilities.
  • Documentation Quality
    While Keycloak has extensive documentation, some users find it to be insufficiently detailed or difficult to navigate, which can impede the setup and troubleshooting process.
  • Maintenance
    Operating a Keycloak instance involves ongoing maintenance tasks such as updates, security patches, and backups, which can be time-consuming and require dedicated resources.

IdentityServer features and specs

  • Open Source Foundation
    IdentityServer is built on an open-source foundation. It has been widely used and developed by a community, ensuring transparency, reliability, and continuous improvements.
  • Comprehensive Protocol Support
    It supports industry standards such as OpenID Connect and OAuth 2.0, which are essential for authentication and authorization processes.
  • Customizability
    IdentityServer offers high levels of customizability, allowing developers to tailor authentication and authorization features to specific application needs.
  • Enterprise-Ready
    Designed to handle complex enterprise scenarios with robust performance and scalability options suitable for large-scale applications.
  • Strong Security Features
    Includes several security mechanisms to protect sensitive data, such as secure token storage and advanced encryption options.
  • Comprehensive Documentation
    Provides extensive documentation and resources, helping developers to implement and troubleshoot the server effectively in their systems.

Possible disadvantages of IdentityServer

  • Licensing Cost
    Since its transition from IdentityServer4 to a non-OSS model under Duende Software, organizations need to purchase a license for commercial use, impacting budget-conscious projects.
  • Complexity
    Can be complex to set up and configure properly, especially for teams that are new to security protocols like OAuth and OpenID Connect.
  • Maintenance Overhead
    Requires ongoing maintenance and updates to ensure security and compatibility with evolving protocols, which can be resource-intensive.
  • Potential Overhead for Small Projects
    May be overkill for smaller projects or teams that do not require robust authentication systems, where simpler solutions might suffice.
  • Community vs. Commercial Transition
    The switch from a community-driven open-source project to a commercial product may alienate previous users who relied on its open-source nature.

Keycloak videos

+ Add

What is Keycloak and what are the main features | DevNation Live

More videos:

  • Review - Keycloak Overview
  • Review - Easily Secure Your Front and Back End app with Keycloak

IdentityServer videos

+ Add

Federated Identity: An intro to OAuth2, Open Id Connect & Duende IdentityServer 5 | Anthony Nguyen

More videos:

  • Review - There's an IdentityServer in my API project - Anders Abel

Category Popularity

0-100% (relative to Keycloak and IdentityServer)

Keycloak

IdentityServer

Identity And Access Management
90 90%
Identity And Access Management
10% 10
Identity Provider
88 88%
Identity Provider
12% 12
SSO
90 90%
SSO
10% 10
Security & Privacy
100 100%
Security & Privacy
0% 0

User comments

Share your experience with using Keycloak and IdentityServer. For example, how are they different and which one is better?
Log in or Post with

Reviews

These are some of the external sources and on-site user reviews we've used to compare Keycloak and IdentityServer

Keycloak Reviews

12 User Authentication Platforms [Auth0, Firebase Alternatives]
You can integrate Keycloak with your applications to have a single-sign-in and single-sign-out experience. Moreover, one can activate social logins without any modification in code. Additionally, it allows user authentication via existing OpenID Connect or SAML 2.0
Source: geekflare.com
10+ Open-source Single-Sign On (SSO) Solutions
Keycloak is a free, open-source identity and access management system with highly configurable Single-Sign-On (SSO) support.
Source: medevel.com
10 Best Auth0 Alternatives and Similar Platforms
Keycloak may be quite beneficial because it provides a built-in method for syncing with databases, such as LDAP or Active Directory, when your users already are registered on. If you use Social Login for social platforms such as Facebook, Keycloak might be a great tool for your organization.
Source: www.regendus.com
Top 5 Open Source Single Sign-On Software In the Year 2021
KeyCloak is another free software that is based on OpenID Connect, OAuth2.0, and SAML2.0. It provides SSO capabilities across web applications and web services. Above all, this open source software provides integrations with LDAP and Active Directory. There is a logical user interface where users can manage roles, permissions, and sessions. Moreover, this free solution...
Source: blog.containerize.com
IAM: A comparison of open-source tools
/ Digitalberry news / IAM: A comparison of open-source toolsIAM: A comparison of open-source toolsWhy use an Identity Provider (IdP)?Comparative study of Identity Providers (IdP)1. Our team’s first choice: Keycloak2. In second place of our comparative study: Gluu3. Special mention: FusionAuthDiscover our expertiseContact our experts
Source: www.digitalberry.fr

IdentityServer Reviews

10+ Open-source Single-Sign On (SSO) Solutions
If you are looking for a certified and complaint system to OpenID Foundation, with .Net technologies, then IdentityServer is your answer.
Source: medevel.com
Top 5 Open Source Single Sign-On Software In the Year 2021
IdentityServer is an open source free single sign-on software. It is a cross-platform framework based on OpenID Connect and OAuth 2. Further, this open source software provides central authentication and authorization capabilities for multiple applications. It supports federated identities, multiple flows, and API authorization. Moreover, this self hosting software enables...
Source: blog.containerize.com

Social recommendations and mentions

Based on our record, IdentityServer should be more popular than Keycloak. It has been mentiond 7 times since March 2021. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.

Keycloak mentions (4)

  • Beyond the login page
    Most of the time nowadays, I prefer offloading this to an identity provider, using OpenID Connect or soon Federated Credential Management (FedCM), even if that means shipping an identity provider as part of the deliverables (I generally go with Keycloak, with keycloak-config-cli to provision its configuration). I'm obviously biased though as I work in IT services, developping software mainly for... - Source: dev.to / over 1 year ago
  • Okta Says Hackers Stole Data for All Customer Support Users
    Yet another breach of Okta... Why are companies not running something like keycloak [1] themselves? Are administrative/maintenance costs too high or is it plausible deniability? [1] https://keycloak.org. - Source: Hacker News / over 1 year ago
  • I built a ready-to-use auth server with TypeScript and Express.js
    I'd stick with a solution like https://keycloak.org in that instance. Source: about 2 years ago
  • Authelia is an open-source authentication/authorization server with 2FA/SSO
    A few more projects in this space: - Keycloak (you won't get fired for picking this)[0] - CloudFoundry's UAA[1] - Gluu [2] - Keratin [3] - OpenUnison [4] - Dex[5] - Netlify's GoTrue[6] All of these solutions are a bit different but here are some of the axes: - Whether or not they function as an OAuth provider - Whether they're centered around application-user-login (email + password) or application auth (OAuth) or... - Source: Hacker News / about 4 years ago

IdentityServer mentions (7)

  • Identity server 4
    Its deprecated in favor of Duende Identityserver which introduced a license model. Source: over 1 year ago
  • How does cookie based authentication work?
    Tokens usually have a lifetime and they are separate from the user's authentication principals like username and password. Unless you are rolling your own form of token provider (not something that would be recommended) the token creation is handled for you. Take a look at https://identityserver4.readthedocs.io/en/latest/ or if your organization makes under 1M in income a year the free version of what Identity... Source: over 2 years ago
  • ImageSharp leaving the .NET Foundation due to licensing change
    I think Duende (Identity Server) handled the situation pretty well. https://duendesoftware.com/products/identityserver > Standard License Pricing. - Source: Hacker News / over 2 years ago
  • Why is authentication such a sh*t show with .NET 6?
    He's referring to IdentityServer 3/4, which was open sourced, and was not owned by Microsoft. That 3rd party is commercializing their work (and to be fair, it's a lot of work) as https://duendesoftware.com/products/identityserver , and has a different commercial licensing model. Source: almost 3 years ago
  • Show HN: Open-Source Identity Server Written in Go (Ory Kratos)
    I think "Identity Provider" is more correct, no? "IdentityServer" is the name of a specific IdP implemented in .NET (formerly OSS as https://identityserver4.readthedocs.io/en/latest, and now as a more commercial form as Duende IdentityServer: https://duendesoftware.com/products/identityserver). - Source: Hacker News / almost 3 years ago
View more

What are some alternatives?

When comparing Keycloak and IdentityServer, you can also consider the following products

Auth0 - Auth0 is a program for people to get authentication and authorization services for their own business use.

ASP.NET Identity - ASP.NET Identity is a membership-based software system designed for the authentication and authorization of the users via building an ASP.NET application.

Okta - Enterprise-grade identity management for all your apps, users & devices

OneLogin - On-demand SSO, directory integration, user provisioning and more

DotNetOpenAuth - DotNetOpenAuth is a free-to-use compiled library that comes with the real support to your site visitor to login with the help of openIDs via getting control of the ASP.NET control onto the page.

Amazon Cognito - Amazon Cognito lets you add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily. It scales to millions of users and supports sign-in with social identity providers and enterprise identity providers via SAML 2.0.

Loading...