Skip to main content

14 posts tagged with "authorization"

View All Tags

Instant MCP authorization using Keycloak

· 11 min read
Phase Two
Hosted Keycloak and Keycloak Support

If you are exposing tools over MCP, you usually do not want every client on the network calling them anonymously. Even for a local prototype, you typically want a real login flow, consent, scoped access tokens, and a clean way to validate who is allowed to run what.

Keycloak is the easiest way to do that without inventing your own authorization layer. It already handles browser login, consent, token issuance, JWKS discovery, and OAuth metadata. Your MCP server just needs to behave like a protected resource and validate bearer tokens correctly.

In this guide, we will build a tiny calculator MCP server in Python, protect it with Keycloak, and connect to it from VS Code using Dynamic Client Registration (DCR). By the end, VS Code will open a browser to Keycloak, you will sign in, approve access to the mcp:run scope, and then call your MCP tools directly from chat.

Keycloak SAML Identity Provider (IdP) Initiated Flow with Okta

· 11 min read
Phase Two
Hosted Keycloak and Keycloak Support

IdP Initiated Flow

When implementing SAML for the establishment of an Identity Provider, two primary options are available:

  1. Service Provider (SP) initiated
  2. Identity Provider (IdP) initiated

The SP initiated flow is widely recognized by users due to its straightforward configuration, which is merely the exchange of some metadata. In contrast, the IdP-initiated flow is less intuitive and involves an additional step that may not be readily apparent to many users. The purpose of this blog is to elucidate the steps necessary to successfully execute the IdP-initiated flow. We will setup a full example

A fundamental understanding of SAML 2.0 and Keycloak is required to effectively follow the provided instructions.

Securing Keycloak with OIDC SPA and Phase Two

· 6 min read
Phase Two
Hosted Keycloak and Keycloak Support
OIDC SPA Logo

Our pal over at Keycloakify has been working on creating a simple OpenId Connect (OIDC) library called, OIDC Spa. As with Joseph's usual approach to user friendliness, OIDC SPA simplifies a lot of the integration work than can come with adding an Authentication and Authorization layer to your application. Follow along as we show you how to integrate OIDC SPA with a Phase Two's free Keycloak instance.

Securing Angular Apps with Keycloak

· 2 min read
Phase Two
Hosted Keycloak and Keycloak Support

In this article we'll be using Keycloak to quickly secure a Angular application with user management and single sign on (SSO) using the open source IAMs Keycloak for Authentication and Authorization. We will demonstrate the integration by securing a page for logged-in users. This quickly provides a jump-off point to more complex integrations.

Phase Two Organizations now support shared Identity Providers (IdPs)

· 2 min read
Phase Two
Hosted Keycloak and Keycloak Support

An exciting new feature has been added to Phase Two Organizations Extension! Organizations now support shared Identity Providers (IdPs) for mapping multiple organizations to a single IDP. This feature is especially useful for organizations that have multiple organizations that need to share the same IDP.

Securing SvelteKit Apps with Keycloak

· 2 min read
Phase Two
Hosted Keycloak and Keycloak Support

In this article we'll be using Keycloak to quickly secure a SvelteKit application with user management and single sign on (SSO) using the open source IAMs Keycloak for Authentication and Authorization. We will demonstrate the integration by securing a page for logged-in users. This quickly provides a jump-off point to more complex integrations.

Securing Remix Apps with Keycloak

· 2 min read
Phase Two
Hosted Keycloak and Keycloak Support

In this article we'll be using Keycloak to quickly secure a Remix application with user management and single sign on (SSO) using the open source IAMs Keycloak for Authentication and Authorization. We will demonstrate the integration by securing a page for logged-in users. This quickly provides a jump-off point to more complex integrations.

Securing Vue Apps with Keycloak

· 2 min read
Phase Two
Hosted Keycloak and Keycloak Support

In this article we'll be using Keycloak to quickly secure a Vue application with user management and single sign on (SSO) using the open source IAMs Keycloak for Authentication and Authorization. We will demonstrate the integration by securing a page for logged-in users. This quickly provides a jump-off point to more complex integrations.

Securing Nuxt Apps with Keycloak

· 8 min read
Phase Two
Hosted Keycloak and Keycloak Support

In this article we'll be using Keycloak to quickly secure a Nuxt application with user management and single sign on (SSO) using the open source IAMs Keycloak for Authentication and Authorization. We will demonstrate the integration by securing a page for logged-in users. This quickly provides a jump-off point to more complex integrations.