Recap from KubeCon + CloudNativeCon Europe 2024

April 15 2024 by Thomas Darimont

After a packed week of fantastic talks at KubeCon + CloudNativeCon Europe 2024 in Paris, we’re delighted to share our impressions with the rest of the Keycloak community.

Keycloak and OAuth2 Token Exchange for Microservice API Security

The presence of Keycloak in many presentations highlighted its importance in the cloud-native ecosystem. Notably, the talk “OAuth2 Token Exchange for Microservice API Security” by Ahmet Soormally & Letz Yaara on OAuth2 Token Exchange (RFC 8693) underscored its application in microservice security and pinpointed areas for Keycloak’s enhancement. Efforts to advance the support for Token Exchange are underway, and community feedback is invaluable. Please join the discussion on the current usage of Token Exchange to help us out.

Keycloak and the Secrets of the Universe at CERN

A standout moment was learning about Keycloak’s role at CERN in the talk “The Hard Life of Securing a Particle Accelerator”, as shared by Antonio Nappi and Sebastian Lopienski, emphasizing its contribution to securing the particle accelerator’s IAM infrastructure. Keycloak supports research on the nature of the universe. How cool is that :)

Keycloak, OpenFGA, and Kubernetes Authorizer

Jonathan Whitaker’s talk “Federated IAM for Kubernetes with OpenFGA” on federated IAM with OpenFGA showcased innovative approaches for managing access to Kubernetes resources through the combination of Keycloak, OpenFGA and a custom Kubernetes Authorizer Web Hook. In particular, the demonstration of temporarily elevated access to Kubernetes resources was very well received.

Keycloak: The Leading Edge of AuthN and AuthZ

Last but not least, our session, “The Leading Edge of AuthN and AuthZ by Keycloak”, presented by Takashi Norimatsu and Thomas Darimont, introduced the latest Keycloak advancements, including support for Passkeys, OAuth 2.1, and OpenID for Verifiable Credentials (OpenID4VC). As part of our talk, we showed the current support for Passkeys and some integration options with Open Policy Agent.

Summary

Keycloak is an essential pillar of many cloud-native systems and significantly impacted the conference, attracting thousands of Kubernetes and cloud-native professionals.

The engagement and collaborative spirit of the cloud-native community were genuinely inspiring, underscoring the collective drive to enhance and innovate within this vibrant ecosystem.

We’re very proud and happy to be part of this fantastic community!