Should I replace django-user management with keycloak capabilities?

L

Larisa .•º2019-09-06 11:24:53

Django

Larisa .•º, 2019-09-06 11:24:53

The task is to manage the user and his roles with different levels of access to services in one application. That one service would allow to authenticate and authorize the user (in general, SSO technologies).
And the rest of the services, knowing that the user was identified, were doing their work.
I stumbled upon Keycloak. Tell someone who has used Keycloak the benefits of winning with django.
And you can somehow use one database, users, in order to somehow expand custom users.?
If I understand correctly, Keycloak uses its own form for authorization to access the site, and it seems that you can customize it, but you can somehow bypass it. (example The site has its own authorization form, and kong does the authorization, and the main application gives the rest of the information).
(*maybe wrong somewhere ^)

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

I

Ivan Shumov, 2019-09-06
@inoise

Keycloak separately, django separately. They carry out their tasks. The idea of Identity Server is to have a separate product that implements a lot of standard functionality and does not care what you write your application logic on. You do not need to extend the user through it - write all the additional steps in your application, and Identity Server should basically only provide user login (most often with federation) using standard protocols and sometimes check authorization. All
I wouldn’t really chase my form unless you have a SPA (and you don’t really need it there either). It is better to style it yourself in Keycloak, since this is a child's task and there are all the guides. It is also updated through the admin panel