Keycloak

<< Click to Display Table of Contents >>

Raynet One > 1.1 > User Guide > Technical overview 

Keycloak

User authentication in Raynet One is done by the Keycloak software. It supports a wide range of user authentication providers (Google, Microsoft, GitHub) to suit all kind of needs. Session management involves sharing confidential user authentication tokens over secure data channels. Users can be authorized to various parts of the platform using the concept of roles.

 

See the Managing users through Keycloak chapter for detailed information about permission assignment.

 

clip0098

 

The User administration section of the administrator account profile page. This administrator account has got Keycloak realm administration privileges. Click on the link to open the Keycloak administration console.

Form of authentication

JWT bearer authentication tokens are exchanged between Keycloak instance and Raynet One. They contain parameters limiting the access scope granted. The communication channel is secured by Transport Layer Security (TLS). The token validity is checked regularly to ensure user session validity, redirecting users back to the login prompt on verification failure.