KEYCLOAK - Implementing Custom REST Resources (endpoints) | Niko Köbler (@dasniko)
#Keycloak has the #OIDC authentication endpoints and also the Admin #REST API endpoints to manage the server as an administrator (and also the admin UI makes use of this). But you can also extend Keycloak and implement own custom REST resources, aka endpoints. In this video I'll show how to do this and also how to secure these custom endpoints, so that no misuse is possible. Last but not least, I demonstrate how to automatically test your custom REST resources with the help of the #Testcontainers-Keycloak project. 📖 Chapters: 0:00 - Intro 0:38 - Keycloak Default Endpoints and Resources 0:48 - OpenID Endpoint Configuration 1:25 - Admin REST API 2:36 - Implementing the Custom Resource Provider Factory 3:45 - Implementing the Custom Resource Provider 4:33 - Anonymous, unsecured endpoint "hello" 7:30 - Securing endpoints only for authenticated users 13:44 - Automated Testing of you custom REST Resources with Testcontainers-Keycloak 15:02 - Outro 🔗 Links: 📌 Example Source Code @ Github: https://github.com/dasniko/keycloak-e... 📌 Testcontainers-Keycloak Video: • Integration Tests with Keycloak & Testcont... 📌 Testcontainers-Keycloak Project: https://github.com/dasniko/testcontai... Thanks for watching! Don't forget to subscribe 🔔 to my channel (if not already done) and give this video some thumbs up 👍 (aka "like"). Tell me about your experiences and in the comments. I'm looking forward to it! Thank YOU! --- I'm Niko - and I'm an independent freelance software consultant, developer and trainer. I'm here to help - you, your team and your company. How can I support you? Just get in contact: 🌎 Website: https://www.n-k.de 🐦 Twitter: / dasniko 🚧 GitHub Profile: https://github.com/dasniko 🎥 YouTube Channel: https://www.youtube.com/c/NikoKöbler?... All things Cloud ☁️, Serverless, On-Premise, Java, JavaScript, All-End (Frontend, Backend, Fullstack Deployments), Authentication, Security 🔐, IAM, Keycloak, Containers, DevOps Please understand that YouTube Comments are not a good place to get support in case of questions and errors. There are forums and groups out there which are the right place to ask!
KEYCLOAK with HTTPS & mutual TLS / X.509 authentication | Niko Köbler (@dasniko)
Integration Tests with Keycloak & Testcontainers (& Quarkus) | Niko Köbler (@dasniko)
KEYCLOAK Implementing Custom User Storage Provider (in-depth) | Niko Köbler (@dasniko)
KEYCLOAK Upgrading and Migration - Frequently Asked Questions | Niko Köbler (@dasniko)
Bilding an effective identity and access management architecture with Keycloak
KEYCLOAK Home IdP Discovery (w/ Sven-Torben Janus) | Niko Köbler (@dasniko)
#KEYCLOAK #Organizations - Multi Tenancy in 1 Realm | Niko Köbler (@dasniko)
Securing Spring Boot Microservices with Keycloak using OpenID | OAuth2.0 | JavaTechie
Getting Started With Keycloak in 2026 (free Identity Server alternative)
How to Design APIs Like a Senior Engineer (REST, GraphQL, Auth, Security)
Authorization simplified | Keycloak edition
How to secure your Microservices with Keycloak - Thomas Darimont
KEYCLOAK Cluster - Up and Running in Seconds | Niko Köbler (@dasniko)
#KEYCLOAK DevDay 2026: DPoP in Practice: Preventing Token Replay Attacks | Halil Özkan & Eren Kan
Building an AI Dark Factory: A Codebase That Writes Its Own Code, Live
KEYCLOAK Restrict Client Auth (w/ Sven-Torben Janus) | Niko Köbler (@dasniko)
How to secure your Spring Apps with Keycloak by Thomas Darimont @ Spring I/O 2018
MFA, Passwordless Authentication and the Lost Phone by Niko Köbler
Quarkus & Keycloak Authentication - How to join both worlds and secure your endpoints | @dasniko
