Keycloak

Keycloak is an open-source identity and access management product that provides single sign-on (SSO) for modern applications and services.

Default configuration

❗ Brute force detection is disabled by default!

These are the default values when a new realm is created (tested in 2024).

  • General:
    • Enabled: ON
    • User-Managed Access: OFF
    • Endpoints:
      • OpenID Endpoint Configuration
      • SAML 2.0 Identity Provider Metadata
  • Login:
    • User registration: OFF
    • Edit username: OFF
    • Forgot username: OFF
    • Remember Me: OFF
    • Verify email: OFF
    • Login with email: ON
      • Require SSL: external requests
  • Brute Force Detection:
    • Enabled: OFF
    • Permanent Lockout: OFF
    • Max Login Failures: 30
    • Wait Increment: 1 Minute
    • Quick Login Check Milli Seconds: 1000
    • Minimum Quick Login Wait: 1 Minute
    • Max Wait: 15 Minutes
    • Failure Reset Time: 12 Hours
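
An added example (not part of the original page and not Keycloak's own code): a small audit that reads a realm export and flags the login-hardening gaps in the defaults listed above. The JSON field names are those of Keycloak's realm representation; the sample realm, the threshold of 10 failures and the function names are assumptions made for this illustration.

```python
import json

# Constructed sample: the part of a realm export (realm representation JSON)
# that holds the defaults listed above. Durations are stored in seconds.
DEFAULT_REALM_JSON = """{
  "realm": "example", "enabled": true, "sslRequired": "external",
  "registrationAllowed": false, "verifyEmail": false,
  "bruteForceProtected": false, "permanentLockout": false,
  "failureFactor": 30, "waitIncrementSeconds": 60,
  "quickLoginCheckMilliSeconds": 1000, "minimumQuickLoginWaitSeconds": 60,
  "maxFailureWaitSeconds": 900, "maxDeltaTimeSeconds": 43200
}"""

# Review threshold picked for this example; it is not a Keycloak value.
MAX_ACCEPTABLE_FAILURES = 10


def audit_realm(realm: dict) -> list[tuple[str, str]]:
    """Return (field, message) findings for login-hardening settings."""
    findings = []
    # "Brute Force Detection: Enabled" in the admin console.
    if not realm.get("bruteForceProtected", False):
        findings.append(("bruteForceProtected",
                         "brute force detection is disabled"))
    # "Max Login Failures"; reported even while detection is off, because
    # this value takes effect as soon as detection is switched on.
    failures = realm.get("failureFactor", 30)
    if failures > MAX_ACCEPTABLE_FAILURES:
        findings.append(("failureFactor",
                         f"{failures} failed logins allowed before lockout"))
    # "Require SSL": all, external or none.
    if realm.get("sslRequired", "external") == "none":
        findings.append(("sslRequired", "HTTPS is not required for any request"))
    # "User registration" ON combined with "Verify email" OFF.
    if realm.get("registrationAllowed") and not realm.get("verifyEmail"):
        findings.append(("verifyEmail",
                         "self-registration without email verification"))
    return findings


def audit_export(text: str) -> list[tuple[str, str]]:
    """Audit a realm export given as JSON text."""
    return audit_realm(json.loads(text))


if __name__ == "__main__":
    for field, message in audit_export(DEFAULT_REALM_JSON):
        print(f"[{field}] {message}")
```

Run against the defaults above, it reports the disabled brute force detection and the limit of 30 login failures.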