Keycloak is an open source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code.
Users authenticate with Keycloak rather than individual applications. This means that your applications don’t have to deal with login forms, authenticating users, and storing users. Once logged-in to Keycloak, users don’t have to login again to access a different application.
This also applied to logout. Keycloak provides single-sign out, which means users only have to logout once to be logged-out of all applications that use Keycloak.
$ git clone https://github.com/redhat-helloworld-msa/sso $ cd sso/ $ oc new-build --binary --name keycloak $ oc start-build keycloak --from-dir=. --follow $ oc new-app keycloak $ oc expose svc/keycloak
$ oc set probe dc/keycloak --readiness --get-url=http://:8080/auth
$ oc project helloworld-msa # Using CDK3 $ oc set env dc KEYCLOAK_AUTH_SERVER_URL=http://keycloak-sso.`minishift ip`.nip.io/auth -l app # Example: OS_SUBDOMAIN=192.168.64.11.nip.io $ oc set env dc KEYCLOAK_AUTH_SERVER_URL=http://keycloak-sso.192.168.64.11.nip.io/auth -l app $ oc set env dc/frontend ENABLE_SSO=true