Keycloak as IdP


We need to store user (including passwords), team memberships and organizations.


  1. LDAP via

    We can use the existing infrastructure to manage users and organizations.

  2. VSHN-owned Keycloak

    There is which we could integrate APPUiO Cloud customers.

  3. APPUiO-owned Keycloak

    Each APPUiO instance brings its own Keycloak. This still leaves doors open for federation scenarios or other social logins like GitHub or Google.


APPUiO-owned Keycloak


Keycloak is a well-known Identity Provider that provides SSO. To ease integrations between zones, each APPUiO instance brings its own managed Keycloak.

There are also plans to make APPUiO Cloud resellable, meaning that nothing should really depend on VSHN infrastructure.