Back to directory

Keycloak

Open-source identity and access management with standards-based SSO, OIDC, and SAML.

89Strong

Where it fits

Organizations that need self-controlled identity infrastructure with standard federation support.

Watch points

Identity is critical infrastructure; operations, upgrades, backups, and incident response must be treated seriously.

Score breakdown

15/15 - License

Apache-licensed open-source project.

16/18 - Self-host

Self-hosting is a primary deployment model.

14/16 - Data

User and realm data can live in operator-controlled infrastructure.

9/12 - Privacy

Privacy depends on identity design, retention, and logging configuration.

8/8 - Interop

Strong standards posture through OIDC, OAuth, and SAML.

12/14 - Ops

Mature, but operationally sensitive due to identity criticality.

10/12 - EU fit

Often suitable for EU-controlled deployments and public-sector architectures.

5/5 - Governance

Large ecosystem with clear open-source lineage.

Review notes

This seed entry was migrated from the initial Sovereign Web Stack index. Contributors should update it when public evidence changes.

Methodology note

This project is scored against the public Sovereign Web Stack methodology. Review the full scoring model before comparing tools across categories.

Open methodology