single-sign-onkeycloakcasoktacons

CAS vs Okta Vs Keycloak comparisions as an SSO solution


Which is the best option for SSO implementation Keycloack Vs CAS Vs Okta? I'm specifically looking for the disadvantages of each service to identify the best suitability for my system.


Solution

  • Both Keycloak and Okta should provide what you're looking for. I'm not sure about CAS as I haven't used it in 10 years. Since both Keycloak and Okta use OAuth 2.0/OIDC, you might even be able to use Keycloak in development, and Okta in production.

    I've implemented OAuth 2.0 / OIDC support in JHipster. It uses Keycloak (in a Docker container) by default, and provides instructions for switching to Okta. Thanks to the power of Spring Security and Spring Boot, you only need to override some properties to switch between the two!