Keycloak OpenFGA Event Publisher: Integration Extension for Fine-Grained Authorization
By mooreds
Summary
This article describes a Keycloak extension called 'Keycloak OpenFGA Event Publisher' that enables integration between Keycloak (an open-source identity and access management solution) and OpenFGA (an open-source fine-grained authorization system). The extension implements an Event Listener Provider to detect identity events in Keycloak and publish them to OpenFGA servers using the OpenFGA Java SDK. This allows for real-time synchronization of authorization data between the two systems, supporting fine-grained authorization (FGA) using ReBAC (Relationship-Based Access Control) principles inspired by Google's Zanzibar paper.
Key quotes
This is a Keycloak extension that implements an Event Listener Provider to detect Identity events and publish them to the OpenFGA server over HTTP, thanks to the OpenFGA Java SDK.
OpenFGA is an open source solution for Fine-Grained Authorization that applies the concept of ReBAC (created by Auth0, inspired by Zanzibar).
This extension allows for direct integration between Keycloak and OpenFGA.
The extension follows these steps: Listens to the following Keycloak events based on its own Identity, Role and Group model (e.g., User Role Assignment, Role to Role Assignment, etc.).
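The event-to-tuple step described above, shown as an added Python example (not code from the extension, which is written in Java): it maps a Keycloak realm-role assignment admin event to the body of an OpenFGA Write request. The `user` and `role` type names, the `assignee` relation and the sample ids are assumptions, since the page does not give the extension's authorization model.

```python
import json

# Constructed sample of a Keycloak admin event for a realm-role assignment.
# Field names follow Keycloak's admin events; the ids and role name are made up.
SAMPLE_EVENT = {
    "operationType": "CREATE",
    "resourceType": "REALM_ROLE_MAPPING",
    "resourcePath": "users/11111111-2222-3333-4444-555555555555/role-mappings/realm",
    "representation": json.dumps([{"id": "r-1", "name": "admin-catalog"}]),
}

# Assumed authorization model: types "user" and "role", relation "assignee".
USER_TYPE, ROLE_TYPE, RELATION = "user", "role", "assignee"


def event_to_write_body(event, model_id=None):
    """Map a role-assignment admin event to an OpenFGA Write request body.

    Returns None when no relationship can be derived, so the caller never
    publishes a tuple that the event does not fully support.
    """
    if event.get("resourceType") != "REALM_ROLE_MAPPING":
        return None
    # An assignment adds a tuple; an unassignment must remove it again.
    op = {"CREATE": "writes", "DELETE": "deletes"}.get(event.get("operationType"))
    parts = event.get("resourcePath", "").split("/")
    if op is None or len(parts) < 2 or parts[0] != "users" or not parts[1]:
        return None
    try:
        roles = json.loads(event.get("representation") or "[]")
    except json.JSONDecodeError:
        return None
    if not isinstance(roles, list):
        return None
    tuples = [
        {"user": f"{USER_TYPE}:{parts[1]}", "relation": RELATION,
         "object": f"{ROLE_TYPE}:{r['name']}"}
        for r in roles if isinstance(r, dict) and r.get("name")
    ]
    if not tuples:
        return None
    body = {op: {"tuple_keys": tuples}}
    if model_id:
        body["authorization_model_id"] = model_id
    return body


if __name__ == "__main__":
    # This body would be POSTed to /stores/{store_id}/write on the OpenFGA server.
    print(json.dumps(event_to_write_body(SAMPLE_EVENT), indent=2))
```

Handling `DELETE` as well as `CREATE` matters for the synchronization the summary describes: a revoked role that is never removed from OpenFGA leaves a stale grant in place.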
