Why is AgriChain implementing the Keycloak product?

Understanding the importance of easy integration with world software leaders, IT company AgriChain decided to implement the Keycloak product with maximum features of security, convenience and reliability.

The architects of AgriChain IT solutions note that by implementing Keycloak, they gained access to the developments of the world’s best IT teams in the field of information security. But they note that when choosing a solution, they set themselves the task of finding such a standard with protocols that would allow users to be authorized by using AgriChain’s internal authorization server and corporate software providers, such as Microsoft or Google.

“We get maximum flexibility in integrating our solutions with corporate solutions of our clients. In addition, the system itself is autonomous. This is a ready-made software product that does not need to be “added” in terms of functionality. It can be scaled, provided there is a large number of customers,” – note the architects of AgriChain IT solutions.

That is why it was decided to update the authorization mechanisms to the current PKCE scheme of the OAuth 2.0 standard and implement the open source Keycloak product. OAuth 2.0 is a current authorization protocol that allows users to transfer access rights to their resources to third-party services (we will talk about the advantages of this protocol in more detail in our next articles).

Keycloak is currently one of the most popular and effective authentication and authorization management platforms in the world. It is chosen by giant companies – industry leaders: Amazon, Netflix, Salesforce, JPMorgan Chase; LinkedIn, Twitter, eBay.

Why Keycloak?

The Keycloak open source IT solution is focused on modern AgriChain software products and is suitable for implementing single sign-on authorization with full access customization. “Single login window” ― i.e., one password for all corporate services ― is the prerogative of a solution ideally suited to the AgriChain ecosystem. That is, there is no need to deal with numerous user authentication windows at various “product → user” touch points.

For example, already today users of AgriChain Scout crop monitoring and management IT solution, after authorization in the Keycloak window, are freely allowed to work with AgriChain Logistics IT solution for logistics management of TMC, because the administrator of the Keycloak system has prescribed the appropriate roles for access without additional authentication.

Benefits of Keycloak

Before working with Keycloak, it was necessary to enter the application with a login and password, receive a permanent token, and then authorize the user using it, if the token’s lifetime expired, problems began. But in Oauth2, an option with dynamically changing tokens was offered, which reduced the possibility of direct attacks, and the keys by which the user is authorized on the site are automatically updated every few minutes. And this is not the only advantage of technology. When choosing the “single window of authorization”, AgriChain specialists highlighted three fundamental advantages of the product.

1. Open Source. Being an open source software, Keycloak is free to use and modified as needed. This allows you to quickly implement ideas and ensure application security without spending time and money on developing your own security tools. For example, we managed to save a lot of time on customizing the authorization page according to our requirements and design wishes, because the Keycloak architecture is standardized, open and allows developers to interact with the architecture code at any level.

2. Easy to use and customize. The software has a simple and clear user interface and allows you to quickly configure authentication and authorization for the project. Additionally, Keycloak has provided detailed documentation to help you navigate more complex features and integrations.

3. High security. Keycloak provides enterprise-level security, which means you can be confident that your data and applications are safe. Keycloak uses security protocols such as OAuth 2.0, OpenID Connect, and SAML 2.0, which ensure project security at a high level, which is a very important issue for AgriChain developers.

What tasks does Keycloak solve?

• Access control. Allows you to manage access to various applications and resources, allows you to configure access policies and user roles to ensure the security of applications and access to data.
• Authentication. Enables authentication of users logged into IT applications. This ensures the security of software products and data, as access to them will be allowed only to authorized users.
• Authorization. Keycloak makes it possible to authorize users for different roles to increase security and reduce the risk of data leakage.
• Centralized management. It is possible to manage access to applications and resources, which in turn means that you can set up access policies, roles and rights for users once, and then use them for different applications.

According to Accenture, 43% of attacks are aimed at small and medium-sized businesses, only 14% of these companies are ready to defend themselves. Therefore, the AgriChain company is pleased to announce that from now on, Ukrainian agribusinesses that use our company’s IT solutions have joined the world’s best practices for protecting their own data.

We at the company are convinced that by introducing the best global developments into IT products created in Ukraine, we are building one of the levels of the standard of the agro-industrial industry and continue to strengthen the principles of sustainable development.