Integration with Keycloak for Centralized User Management

[matbrgz]

Overview:
Add support for integrating our application with Keycloak to centralize user management, implement role-based access control, and provide support for multiple authentication protocols.

Feature Details:

1. Centralized User Management:

   • Integrate with Keycloak to centralize user authentication and management.

2. Role-Based Access Control (RBAC):

   • Implement role-based access control using Keycloak's capabilities to manage user roles and permissions.

3. Support for Multiple Protocols:

   • Enable support for multiple authentication protocols provided by Keycloak, such as OpenID Connect, OAuth 2.0, and SAML.

Benefits of Keycloak Integration:

1. Centralized User Administration:

   • Simplify user administration by managing users in a centralized location (Keycloak).

2. Enhanced Security:

   • Leverage Keycloak's security features to enhance authentication and authorization mechanisms.

3. Scalability:

   • Support scalability by utilizing Keycloak's capabilities for handling authentication and authorization at scale.

4. Flexibility with Protocols:

   • Allow flexibility in authentication by supporting multiple protocols, catering to various use cases.

Proposed Action:

1. Integration Planning:

   • Plan the integration with Keycloak, considering the specifics of our application.

2. Role Mapping:

   • Define and map application roles to roles managed in Keycloak for consistent access control.

3. Protocol Support:

   • Explore and implement support for multiple authentication protocols provided by Keycloak.

4. Documentation:

   • Update documentation to guide users/administrators on configuring Keycloak integration.

5. Testing:

   • Conduct thorough testing of the integration to ensure seamless functionality.

Next Steps:

1. Kickoff Meeting:

   • Schedule a meeting to discuss the requirements and plan the integration.

2. Development Sprint:

   • Allocate a dedicated sprint for development and testing of the Keycloak integration.

3. User Acceptance Testing (UAT):

   • Conduct UAT to gather feedback from end-users.

4. Release:

   • Plan the release of the feature as part of the upcoming release cycle.

[jb-alvarado]

I don't see the need for that right now. I don't plan to have a solution that will be used by many users at the same time. User management, roles, permissions, etc. are more reseller and enterprise features that I'm not very interested in integrating.

If I change my mind I could image something smaller, like kanidm

[JunioCalu]

@jb-alvarado, perhaps it would be wise for you to consider introducing paid enterprise support in the future. You could maintain the open-source nature while adding an enterprise version or offering support for a fee.

[matbrgz]

IMO definitely we can go with kanidm, just have a better user mgmt seems a huge improvement for production install or for whom those want to customize ffplayout. I'm totally open to help, I want to make ffplayout a company. Let's start work on a roadmap and a budge for 2024.

I will edit this issue later, keep it open.