Reputation: 7238
Keycloak client vs user
I understand that keycloak has built-in clients and we add the users later on.
But in general, what is the difference between a client and a user in Keycloak?
Upvotes: 27
Views: 17375
Answers (3)
Reputation: 1218
According to the Keycloak documentation
- User - Users are entities that are able to log into your system
- Client - Clients are entities that can request Keycloak to authenticate a user. Most often, clients are applications and services that want to use Keycloak to secure themselves and provide a single sign-on solution. Clients can also be entities that just want to request identity information or an access token so that they can securely invoke other services on the network that are secured by Keycloak
Upvotes: 27
Reputation: 189
Clients and users are two completely different constructs in keycloak.
In plain English, client is an application. Example for an application could be a e.g. yelp.com or any mobile application. Client can be a simple REST API. Keycloak's built in clients are for keycloak internal use, But any user-defined application has to be registered as a client in keycloak.
Users are the one which authenticate via keycloak to gain access to these applications/clients. Users are stored in keycloak DB or any externally hosted LDAP but synced with keycloak.
Upvotes: 9
Reputation: 31649
In short words, not only for keycloak but for OAuth and OpenId Connect too, a client represents a resource which some users can access. The built-in clients for keycloak represent some resources for keycloak itself.
Upvotes: 14
Related Questions
- How are Keycloak roles managed?
- Keycloak Realm VS Keycloak Client
- keycloak bearer-only clients: why do they exist?
- Global mappers for keycloak client
- Keycloak return service in user api
- Keycloak user management
- Keycloak client deployment best practice
- Keycloak: Access token client-1 to manage client-2 resources
- Keycloak frontend and backend clients
- Keycloak - Identity providers and clients