Home
Utilities
Application Utilities
API Tools

Gravitee.io vs Keycloak

Need advice about which tool to choose?Ask the StackShare community!

Gravitee.io
32
118
+ 1
3
Keycloak
705
1.3K
+ 1
102
Add tool

Gravitee.io vs Keycloak: What are the differences?

Introduction

In this Markdown code, we will discuss the key differences between Gravitee.io and Keycloak. Gravitee.io and Keycloak are both identity and access management solutions, but they have distinct features and functionalities. Understanding these differences can help in selecting the most suitable solution for specific requirements.

  1. Administration Interface: Gravitee.io provides a user-friendly web-based administration console, which offers a comprehensive set of features for managing and configuring the APIs, plans, and policies. On the other hand, Keycloak provides a more customizable administration interface that enables fine-grained control over the identity realm, client settings, and user attributes.

  2. Authentication and Authorization: Gravitee.io supports various authentication methods, including OAuth2, OpenID Connect, and SAML. It provides flexible authorization policies that can be easily customized based on API requirements. Keycloak, on the other hand, focuses on providing a unified authentication and authorization service, supporting various protocols and standards such as OAuth2, OpenID Connect, and SAML. It offers a wide range of authentication flows and allows for the implementation of complex authorization scenarios.

  3. User Federation: Gravitee.io allows user synchronization with external identity providers through its user federation feature. It supports LDAP, Active Directory, and other popular user directories. In contrast, Keycloak has a powerful user federation feature that enables synchronization with various external identity providers, including LDAP, Active Directory, and social login providers, with the ability to map and transform user attributes.

  4. Fine-Grained Access Control: Gravitee.io provides comprehensive access control capabilities, allowing administrators to define roles and permissions at various levels, such as APIs, plans, and policies. It supports role-based access control (RBAC) and provides flexibility in defining access rules. Keycloak also offers fine-grained access control through its roles and permissions model, allowing administrators to define access policies at different levels, such as realms, clients, and resources. It supports role-based access control (RBAC) and attribute-based access control (ABAC) strategies.

  5. Scalability and High Availability: Gravitee.io is designed to be highly scalable and can handle a large number of API requests. It provides clustering capabilities for horizontal scalability and supports high availability setups. Keycloak is also highly scalable and can handle a large number of authentication requests. It offers clustering capabilities for horizontal scalability and provides high availability configurations for production deployments.

  6. Extensibility and Customization: Gravitee.io provides a plugin framework that allows developers to extend and customize its functionalities. It supports custom policies, event handlers, and authentication providers. Keycloak also offers a rich set of extension points and allows for the development of custom SPIs (Service Provider Interfaces). It provides capabilities to customize various aspects, such as user federation, authentication flows, and client authentication mechanisms.

In summary, Gravitee.io focuses on comprehensive API management features with flexible authentication and authorization capabilities, while Keycloak provides a unified identity and access management solution with extensive customization options. The choice between Gravitee.io and Keycloak depends on specific requirements, such as the need for API management functionalities or a more customizable authentication and authorization service.

Advice on Gravitee.io and Keycloak
sindhujasrivastava
| 4 upvotes · 226.8K views
Needs advice
on
KeycloakKeycloakOktaOkta
and
Spring SecuritySpring Security

I am working on building a platform in my company that will provide a single sign on to all of the internal products to the customer. To do that we need to build an Authorisation server to comply with the OIDC protocol. Earlier we had built the Auth server using the Spring Security OAuth project but since in Spring Security 5.x it is no longer supported we are planning to get over with it as well. Below are the 2 options that I was considering to replace the Spring Auth Server. 1. Keycloak 2. Okta 3. Auth0 Please advise which one to use.

See more
Replies (3)
Luca Ferrari
Solution Architect at Red Hat, Inc. · | 5 upvotes · 204.6K views
Recommends
on
KeycloakKeycloak

It isn't clear if beside the AuthZ requirement you had others, but given the scenario you described my suggestion would for you to go with Keycloak. First of all because you have already an onpremise IdP and with Keycloak you could maintain that setup (if privacy is a concern). Another important point is configuration and customization: I would assume with Spring OAuth you might have had some custom logic around authentication, this can be easily reconfigured in Keycloak by leveraging SPI (https://www.keycloak.org/docs/latest/server_development/index.html#_auth_spi). Finally AuthZ as a functionality is well developed, based on standard protocols and extensible on Keycloak (https://www.keycloak.org/docs/latest/authorization_services/)

See more
Sandor Racz
Chief Architect · | 2 upvotes · 186.6K views
Recommends
on
KeycloakKeycloak

We have good experience using Keycloak for SSO with OIDC with our Spring Boot based applications. It's free, easy to install and configure, extensible - so I recommend it.

See more
Lukas Marschall
| 2 upvotes · 144.4K views
Recommends
on
KeycloakKeycloak

You can also use Keycloak as an Identity Broker, which enables you to handle authentication on many different identity providers of your customers. With this setup, you are able to perform authorization tasks centralized.

See more
Get Advice from developers at your company using StackShare Enterprise. Sign up for StackShare Enterprise.
Learn More
Pros of Gravitee.io
Pros of Keycloak
  • 1
    Rich policy library
  • 1
    Easy deployment on OpenShoft
  • 1
    Paid service is available(beneficial in the time of p)
  • 0
    No Managed Service
  • 33
    It's a open source solution
  • 24
    Supports multiple identity provider
  • 17
    OpenID and SAML support
  • 12
    Easy customisation
  • 10
    JSON web token
  • 6
    Maintained by devs at Redhat

Sign up to add or upvote prosMake informed product decisions

Cons of Gravitee.io
Cons of Keycloak
  • 1
    Not Cloud Ready
  • 7
    Okta
  • 6
    Poor client side documentation
  • 5
    Lack of Code examples for client side

Sign up to add or upvote consMake informed product decisions

What is Gravitee.io?

It is a flexible, lightweight and blazing-fast open source API Platform that helps your organization control finely who, when and how users access your APIs.

What is Keycloak?

It is an Open Source Identity and Access Management For Modern Applications and Services. It adds authentication to applications and secure services with minimum fuss. No need to deal with storing users or authenticating users. It's all available out of the box.

Need advice about which tool to choose?Ask the StackShare community!

Jobs that mention Gravitee.io and Keycloak as a desired skillset
Software Engineer II (Backend), Data Encryption
Postman
Bangalore, India
View Job Details
highlight.ioPatternsSchedule+5
Engineering Manager, Workspaces
Postman
Bangalore, India
View Job Details
Continuehighlight.ioTier+10
Senior Engineering Manager, Data Engineering
Postman
Bangalore, India
View Job Details
Cohesivehighlight.ioSchedule+6
Senior Engineering Manager - Public Workspace
Postman
Bangalore, India
View Job Details
ScheduleTypeScriptPostman+4
Senior Cloud Engineer
Postman
San Francisco, United States
View Job Details
UtilizeageCrossplane+9
Strategic Solution Engineer
Postman
Toronto, Canada
View Job Details
ageReflectRelax+6
Strategic Solution Engineer
Postman
Boston/ NYC, United States
View Job Details
ContinueageReflect+7
Senior Engineer (Backend), Collections
Postman
Bangalore, India
View Job Details
ContinueNavigateSchedule+10
What companies use Gravitee.io?
What companies use Keycloak?
See which teams inside your own company are using Gravitee.io or Keycloak.
Sign up for StackShare EnterpriseLearn More

Sign up to get full access to all the companiesMake informed product decisions

What tools integrate with Gravitee.io?
What tools integrate with Keycloak?

Sign up to get full access to all the tool integrationsMake informed product decisions

What are some alternatives to Gravitee.io and Keycloak?
Kong
Kong is a scalable, open source API Layer (also known as an API Gateway, or API Middleware). Kong controls layer 4 and 7 traffic and is extended through Plugins, which provide extra functionality and services beyond the core platform.
Postman
It is the only complete API development environment, used by nearly five million developers and more than 100,000 companies worldwide.
Insomnia REST Client
Insomnia is a powerful REST API Client with cookie management, environment variables, code generation, and authentication for Mac, Window, and Linux.
OpenAPI
It is a publicly available application programming interface that provides developers with programmatic access to a proprietary software application or web service.
Retrofit
Retrofit turns your HTTP API into a Java interface
See all alternatives

Related Comparisons

Keycloak vs UserbinAuth0 vs KeycloakDailyCred vs KeycloakKeycloak vs SatellizerKeycloak vs Stormpath

Trending Comparisons

Django vs Laravel vs Node.jsBootstrap vs Foundation vs Material-UINode.js vs Spring BootFlyway vs LiquibaseAWS CodeCommit vs Bitbucket vs GitHub

Top Comparisons

Postman vs Swagger UIHipChat vs Mattermost vs SlackBitbucket vs GitHub vs GitLabBootstrap vs Materialize