Keycloak is an open source software product to allow single sign-on (SSO) with identity and access management aimed at modern applications and services.
- Keycloak (Wikipedia)
Default configuration
Brute force detection is disabled by default!
These are the default values when a new realm is created (tested in 2024).
- General:
  - Enabled: ON
  - User-Managed Access: OFF
  - Endpoints:
    - OpenID Endpoint Configuration
    - SAML 2.0 Identity Provider Metadata
- Login:
  - User registration: OFF
  - Edit username: OFF
  - Forgot username: OFF
  - Remember Me: OFF
  - Verify email: OFF
  - Login with email: ON
  - Require SSL: external requests
- Brute Force Detection:
  - Enabled: OFF
  - Permanent Lockout: OFF
  - Max Login Failures: 30
  - Wait Increment: 1 Minute
  - Quick Login Check Milli Seconds: 1000
  - Minimum Quick Login Wait: 1 Minute
  - Max Wait: 15 Minutes
  - Failure Reset Time: 12 Hours
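An added example (not part of the original page) that checks a realm export for the brute force defaults listed above. The keys are the field names Keycloak uses in realm export JSON; the function name `audit_realm` and both sample realms are constructed for illustration.

```python
import json

# Brute force defaults from the list above, keyed by the field names
# Keycloak uses in a realm export (RealmRepresentation JSON).
DEFAULTS = {
    "permanentLockout": False,
    "failureFactor": 30,                  # Max Login Failures
    "waitIncrementSeconds": 60,           # Wait Increment: 1 minute
    "quickLoginCheckMilliSeconds": 1000,  # Quick Login Check Milli Seconds
    "minimumQuickLoginWaitSeconds": 60,   # Minimum Quick Login Wait: 1 minute
    "maxFailureWaitSeconds": 900,         # Max Wait: 15 minutes
    "maxDeltaTimeSeconds": 43200,         # Failure Reset Time: 12 hours
}

def audit_realm(realm):
    """Return a list of findings for one realm dict parsed from an export."""
    name = realm.get("realm", "<unnamed>")
    # A missing key is treated like the default, i.e. detection off.
    if not realm.get("bruteForceProtected", False):
        return [f"{name}: brute force detection is OFF; thresholds are not enforced"]
    findings = []
    for key, default in DEFAULTS.items():
        # Detection is on: report every threshold nobody has tuned.
        if realm.get(key, default) == default:
            findings.append(f"{name}: {key} still at default ({default})")
    return findings

# Constructed sample exports, not taken from a real deployment.
SAMPLE_FRESH = json.loads(
    '{"realm": "fresh", "bruteForceProtected": false, "failureFactor": 30}'
)
SAMPLE_TUNED = json.loads(
    '{"realm": "tuned", "bruteForceProtected": true,'
    ' "failureFactor": 5, "maxFailureWaitSeconds": 3600}'
)

if __name__ == "__main__":
    for realm in (SAMPLE_FRESH, SAMPLE_TUNED):
        for finding in audit_realm(realm):
            print(finding)
```
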