Keycloak Assessment

Tech questions:

  • What is your current AuthN strategy?
    • How do you authenticate users?
  • What is your current AuthZ strategy?
    • Is RBAC in place?
  • Which IAM solutions are in place?
    • How many IDPs?
    • How many SPs?
    • How many realms?
  • How do you deploy your infrastructure?
    • Are you using Kubernetes?
    • Are you using Docker?
    • Is your infrastructure cloud native?
  • How do you enforce policies?
    • Are you using OPA?
  • What is your technology stack?
    • What type of token do your applications consume?
    • Which auth protocol is used (OpenID Connect, SAML)?
    • Do you authenticate at the proxy level?
  • Do you depend on a vendor for auth solutions?
    • Are you using AWS IAM?

Organizational questions:

  • How many users use your auth services?
  • How much time is put into managing permissions and security?