Apache-licensed open-source project.
Keycloak
Open-source identity and access management with standards-based SSO, OIDC, and SAML.
Where it fits
Organizations that need self-controlled identity infrastructure with standard federation support.
Watch points
Identity is critical infrastructure; operations, upgrades, backups, and incident response must be treated seriously.
Score breakdown
Self-hosting is a primary deployment model.
User and realm data can live in operator-controlled infrastructure.
Privacy depends on identity design, retention, and logging configuration.
Strong standards posture through OIDC, OAuth, and SAML.
Mature, but operationally sensitive due to identity criticality.
Often suitable for EU-controlled deployments and public-sector architectures.
Large ecosystem with clear open-source lineage.
Review notes
This seed entry was migrated from the initial Sovereign Web Stack index. Contributors should update it when public evidence changes.
Methodology note
This project is scored against the public Sovereign Web Stack methodology. Review the full scoring model before comparing tools across categories.