stack-profile:auth-identity-platform
Auth & Identity Platform Stack (Node.js, Keycloak, PostgreSQL, Redis, OAuth2, Docker) overview
A centralized authentication and identity platform using Keycloak as the identity provider with support for OIDC, SAML, and social login federation. Node.js with Express or Fastify serves as a lightweight gateway that handles session management, token refresh, and application-specific authorization logic. PostgreSQL stores user profiles, tenant configurations, and audit logs. Redis caches active sessions and revocation lists for sub-millisecond token validation. Passport.js provides strategy-based authentication middleware for custom flows. Docker Compose orchestrates Keycloak, the gateway, and backing services for local development. This stack is designed for organizations that need SSO across multiple applications, fine-grained RBAC, and compliance with standards like SOC 2 and GDPR. The tradeoff is Keycloak's operational complexity — theming, realm configuration, and upgrade migrations require dedicated expertise.
Attributes
Outgoing edges
- domain:security·DomainSecurity
- domain:software-engineering·DomainSoftware Engineering
- language:typescript·LanguageTypeScript
- tool:keycloak·ToolKeycloak
- library:passport·LibraryPassport
- library:ioredis·Libraryioredis
- library:prisma·LibraryPrisma
- tool:docker·ToolDocker
- library:express·LibraryExpress
- tool:docker-compose·ToolDocker Compose
- workflow:access-review·WorkflowAccess Review
- workflow:security-audit·Workflow
- skill-area:authentication·SkillAreaAuthentication
- skill-area:oauth-flows·SkillAreaOAuth Flows
- skill-area:identity-security·SkillAreaIdentity & Access Security
- skill-area:backend-security·SkillAreaBackend Security
- skill-area:containerization·SkillArea
- role:backend-engineer·RoleBackend Engineer
- role:security-engineer·RoleSecurity Engineer
- role:platform-engineer·Role