
Preamble
Keycloak provides us with an OpenID-compliant single sign-on (SSO) server. We can use it to authenticate our users. We will then validate its access token to authorize the user.
This gives us the possibility to separate the front end from the backend, for example using a JavaScript front end like Nuxt and an API backend built with Laravel. Additionally, we can reuse the same authentication for many other clients.
Overview
Create a Laravel backend
require 'robsontorio/keycloak'
create a Keycloak client and configure it
copy the public certificate which is used to validate the access token
create a user class
put it together
provide the proof