Keycloak open redirect: wildcard redirect URIs can be exploited to steal tokens

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Oidc SAML Security Keycloak SSO

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • casdoor

    Discontinued An open-source UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA and RADIUS [Moved to: https://github.com/casdoor/casdoor]

    • I'm using Casdoor: https://github.com/casbin/casdoor and glad to see it only has ~77,000 LOC according to the shared link.

    Keycloak was good but has too much legacy for 10+ years. Casdoor is pretty new and has become a good replacement for Keycloak for me with more functionalities.

  • Keycloak

    Open Source Identity and Access Management For Modern Applications and Services

    • > Keycloak was good but has too much legacy for 10+ years.

    I got curious, actually seems to check out and explains why it's so well documented (but also complex and oftentimes confusing):

    > The first production release of Keycloak was in September 2014, with development having started about a year earlier.

    https://en.wikipedia.org/wiki/Keycloak

    https://github.com/keycloak/keycloak/releases/tag/1.0.0.Fina...

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Securing Remix Apps with Keycloak

    1 project | dev.to | 6 May 2024

  • Simplifying Keycloak Configuration with Terraform and Terragrunt

    1 project | dev.to | 4 May 2024

  • Securing Vue Apps with Keycloak

    3 projects | dev.to | 3 Apr 2024

  • User Management and Identity Brokering for On-Prem Apps with Keycloak

    1 project | dev.to | 3 Apr 2024

  • Ask HN: No-code, simple-setup user management

    1 project | news.ycombinator.com | 11 Mar 2024