Keycloak Server side adapter

Hi,

As per the Authentication docs, Entando is suggesting to use the Keycloak Client Side adapter for authentication purposes, which seems to be the least secure and not the preferred way. What is the alternative way to handle this on the server side and provide authentication details to the microfrontends?

Thanks,
Anish A.Nair

Hey, @anishanair.

Typically you’d see both the frontend and the backend take advantage of the Keycloak roles/permissions to secure your application. The Entando blueprint includes Spring Security so you can add annotations to your services, e.g. @Secured(AuthoritiesConstants.ADMIN), to secure individual services. You can also use SecurityContextHolder.getContext().getAuthentication() to get more information about the current security context.

That’s a bit general (and we have a ticket in to get a tutorial written up for it) but hopefully helpful,
Nathan
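
The two calls mentioned in the reply above, put together as an added example that is not part of the original thread or of Entando's blueprint code. The package, class name, endpoint paths, and the `AuthoritiesConstants` stand-in (with its `ROLE_ADMIN` value) are assumptions, as is method security being enabled with `securedEnabled = true`.

```java
package com.example.demo; // hypothetical package

import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;

import org.springframework.http.ResponseEntity;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

// Stand-in for the AuthoritiesConstants class named in the thread (value assumed).
final class AuthoritiesConstants {
    static final String ADMIN = "ROLE_ADMIN";
    private AuthoritiesConstants() {}
}

@RestController
@RequestMapping("/api") // hypothetical base path
public class AccountResource {

    // The role check runs on the server, so hiding a button in the
    // micro frontend is never the only barrier in front of this data.
    @Secured(AuthoritiesConstants.ADMIN)
    @GetMapping("/admin/report")
    public ResponseEntity<String> adminReport() {
        return ResponseEntity.ok("admin-only data");
    }

    // Gives the micro frontend the caller's name and roles, as seen by the backend.
    @GetMapping("/account")
    public ResponseEntity<Map<String, Object>> currentAccount() {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        // Reject missing or anonymous contexts instead of returning an empty profile.
        if (auth == null || !auth.isAuthenticated() || auth instanceof AnonymousAuthenticationToken) {
            return ResponseEntity.status(401).build();
        }
        List<String> roles = auth.getAuthorities().stream()
            .map(GrantedAuthority::getAuthority)
            .collect(Collectors.toList());
        Map<String, Object> body = Map.of("name", auth.getName(), "roles", roles);
        return ResponseEntity.ok(body);
    }
}
```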