pkce

2 posts

Keycloak, Angular, and the BFF Pattern

This article explains how to implement the BFF pattern with Angular, Express.js, and Keycloak to secure web applications. Learn how to handle authentication flows server-side, eliminate client-side token storage, and maintain separation between frontend and security operations. Includes practical configuration steps for Keycloak realms, Express.js sessions, and Angular’s authentication service.

PKCE with Keycloak and Passport

Discover how passport-keycloak-oauth2-oidc-portable integrates Keycloak with OAuth2 and OpenID Connect (OIDC) using the secure Proof Key for Code Exchange (PKCE) protocol. This article explores implementing PKCE to protect public clients like desktop and single-page applications from common authentication vulnerabilities such as CSRF and authorization code interception. Learn about setting up a Keycloak test instance with Docker to facilitate seamless local development and testing. Through a practical example, see how PKCE aligns with modern security standards, providing a robust and efficient authentication mechanism for your applications. Whether you’re enhancing existing authentication flows or building new solutions, this guide offers valuable insights into leveraging PKCE, Keycloak, and Passport.js to create secure authentication frameworks.