Wonderful video. I wonder if a video might be coming on how to do Angular >> Spring BFF >> KeyCloak + Spring Resource Server...? Using a BFF is generally considered more secure, so that the tokens aren't exposed to Angular or stored in local session storage. The best step by step videos though on TH-cam!
Alibou you are the est tutor I have ever seen. You change life of many students worldwide you are the best ❤ all I can say is thank you thank you. All this for freee
Sir, your projects are AWESOME....They includes industry level standards like CI/CD , proper authentication with Email, Docker etc.....But SIr please bring a Project with all these Industry standards with REACT or NEXT.JS pleaseeeeeeeeeeeeeeeee sir......
Amazing serie of vidéos, that was pretty interesting. It could be nice to add another vidéo about implementing an api gateway with nginx, manage load balancing with it, and see how to deploy all of this in you VPS.
Interesting but I thought we were going to learn how to implement keycloack on the back end side and that's not the case here. We just modified an existing project but didn't explain the minimum we need to use the roles given to us with a simple controller for example and some routes. Thank you very much anyway for the front part which helped me a lot.
Thanks man it helps a lot for me as an intern. More power to you... 🎉 Can you please make any industry level project with atleast minimum number of microservices. ?
Thank you for the course Ali !!! I'm getting 'ERROR Reference Error: document is not defined' at 38:39. Checked many places, but couldn't find a solution. Can you please explain why could it happen?
This video is great, you deserve the subscription and like. Just one thing, it's been a while since I found a video or documentation that perfectly explains how to customize the keycloak login using docker. If one day you could make a video explaining how to solve it, I would greatly appreciate it. Great video, greetings!🚀🚀
So thank you very much for the very helpful tutorial. I do have a question for u: If in need to add a custom key to my jwt, like as tenantId for MultitenantId app or Multi-Database App. How to customise the generated JWT from Keyloak? Dose Keyloak provide such as mechanism to modify or add some new properties to jwt? Especially by login with a custo input in the login template, where the user has to provide a unique id (the tenantId) and add it in the JWT ? If i add a new attribute to the register and login template, where can i add this attribute value to the jwt? And can i asign create a function that check if there is a group for this attribute? So if there is no group with the same value name i will not register the user or logged him in the app if he is not in the group! I need this customization for a multiclient web app that use for each client a different DB with same schemata. For that i need to have a tenantId in my JWT that identifies the DB to get the data from it. I know it is a little bit advaced but it will help me alot to just to know if it is possible or not😊. I hope that my question is clear enough 😅
Merci beaucoup pour ce tuto, Est-ce que tu peux nous montrer comment on peux profiter du keycloak sans avoir rediriger le client vers l'interface d'accueils keycloak. Merci d'avance.
Hey ali, this tutorial is just brilliant really loved it but I was thinking on how can we implement the oauth2 login using bff pattern or even how to implement the entire login flow by ourself if possible can you please make a tutorial on these?
Your book social network project is really awesome ,I practiced different things like CI/CD pipeline using your video,but keycloak is not working with angular 17 , could you please explain how to do it on perform keycloak authentication using angular 17 or above
Nice video! Can you do a video using springAI since it s new! Maybe you can create a chatbot App who where you can upload a PDF and the chatbot can answer your questions concerning the pdf you uploaded in the DB. Sounds a good challenge and it will be helpful !
Great content Ali. A question through, Angular being SPA, isn't it better to implement OAuth2 with PKCE? Can you please include that as well if possible? The matters get confusing when we start dealing with Code_Verifier and Code_Challenge which are necessary for PKCE and for my life I am not able to figure it out with Angular, Keycloak and Spring Boot
Hi Ali, thanks for great tutorials. I know that maybe will be too much , but can you make keycloak tutorial for user federations. Maybe for example with users from bsn. Thanks in advance sir
That's interesting but if I want to use my custom login page and I want to include google login button , what will be authentication flow in that case.
Thank for the good video I have been asking myself for a long time, how do I do this if I have an e commerce store? Can I have an address table in my Spring App and map the data into the token? In keycloak you can include the address, you just have to select it.
thank you very much for this tutoriel but i want to know howa to create permession and ressource when you use a public client if i can't what should i do to integrate keycloack in angular and springboot and create permission in the same time and thank you .
Hi Ali, first of all I would like to express my gratitude for all the very detailed videos and your content. I followed the video series in great detail and coded it, but unfortunately it doesn't work with gmail and the generated app password. I have also tried other email providers, but without success. When testing the connection between Keycloak and Gmail, I can't find any information in the Keycloak (container) log or the web console that can help me solve the problem. Do you have any idea what the problem is? Thank you very much
I have multiple Spring boot Applications. But Have single Angular Application who uses these all Spring boot apps. Now If I want to setup Auth for different Spring boot Apps, Do I have to create separate clients under one realms? What would be recommended Approach for it?
I watched the old jwt video and i want to watch the new version of it but you also replied on a conment to study this one. In your advice what should i learn keycloak or jwt? Or they both are related and should study both of them?
Thank you so much Ali, I have a question: after I created my realm and created a client and a user, when i logout to login again with the new user it doesnt work, but if i login with admin i can see i have the new user but can't use it to login. Any suggestions?
It’s awesome can you implement this code as standards implementation and in all combination also there is one another client wso2 which I think is advanced security management tool if it is possible then please focus on that also
Can you tell me how to bring back book owner name in book-card. I spent 2-3 whole night but unable to fix it. I tried via keyclock jwt, keyclock api, etc. but only null is coming. Right now we are using bookdb which doesn't have owner name. Actually user_entity table, inside keyclock db in different postgres db, have that owner name. Though connectedUser.getName() gives primary key for keyclock db, but unable to fetch data as it's another db(not sync with our jpa). I can write Code to fetch data from two db implementation, but just to get owner name will be too heavy, there must be some easy way around. Please help me. Guide me.
Sir How can I add the resources in the keycloak user token payload? I have created the resources, scopes, policies and permissions in the keycloak now i want to add the resources according to the user roles in the user token. please ans
can you make a new integration keycloak and angular for angular 18 without the -no-standalone? this tutorial is not possible to follow without the -no-standalone while creating the project ....
new subscriber here,i see that you started with an old project of yours, can you please tell me which videos i need to start with to end up here, i want to start with you from scratch pls
Hello Alibou i follow along with your security video now can you help to give another videos which will manage user who loged in either to block user and allow the user helpfully you will work with this also
Hey, Grate Videos.. I am very lucky to be born in this time... Request: A video on how to create custom dialect for Hibernate. for example in Native Query if i use SELECT ARR_AGG(userDB.name) as userName, ARR_AGG(userDB.age) as userAge FROM (SELECT name, age FROM user) as userDB How i can project it to a Interface or Class.
@@BoualiAli i have a question in my project i have implemented jwt with role based access ,if i replace jwt with keycloak will rest of the functionalities work as expected without changing anything , actually it has a huge code base with lot of roles
@@ForAkirah I experienced the same situation. in my case I had to do some changes. it depends on the design of your application. even if it takes sometime, I highly recommend that you migrate to keycloak
Ok, but there is nothing about assigning resources to roles. Right now there is no difference between admin and user because both of them have access to all resources.
Why are you overcomplicating the extractions of scopes to GrantedAuthorities and writing a custom converter when there is a class named JwtGrantedAuthoritiesConverter that is specifically designed for that, It even has its own section in the docs. If you want to tech people spring security i suggest you tech them how to read the docs, and while you are writing things show and reference the docs as i have seen several of your videos providing misinformation and bad practices.
Thanks for the feedback. This my way of teaching things. People need to learn the why and how not only mentioning that there is a token converter provided. If you don’t like my content, feel free to leave and learn from someone else.
Great video but how can user update their user -profile they password, etc... and get the username to display in the front end app and get user details information how can we acquire it
finally the course is here I needed for my final year project
Enjoy it
literally this is the best keycloak course that you can find in the internet
Thank you, I appreciate it
You're producing nuggets right now, you deserve a million followers and lots of likes.
thank you, much appreciated
Thank you for the fantastic Keycloak tutorial! I'm immensely grateful for the effort you've put into creating such informative content
My pleasure ❤️❤️
Wonderful video. I wonder if a video might be coming on how to do Angular >> Spring BFF >> KeyCloak + Spring Resource Server...? Using a BFF is generally considered more secure, so that the tokens aren't exposed to Angular or stored in local session storage. The best step by step videos though on TH-cam!
Je prepare mon projet de fin de master grace a vos cours vraiment merci
Alibou you are the est tutor I have ever seen. You change life of many students worldwide you are the best ❤ all I can say is thank you thank you. All this for freee
Wow, thank you
finally the course is here :D can't wait to watch it
Happy to know that!
Thank You So much For this nice Tutorial.
Amazing course, i like it so much!!! Waiting the keycloak masterclass and others videos coming ... like microservice. Really thankful Ali
More to come!
Sir, your projects are AWESOME....They includes industry level standards like CI/CD , proper authentication with Email, Docker etc.....But SIr please bring a Project with all these Industry standards with REACT or NEXT.JS pleaseeeeeeeeeeeeeeeee sir......
Thanks a ton
I will create some react videos too
@@BoualiAli which frontend framework you recommend us for learning
@@emilbeyerov3278 Angular
You are one of the only spring youtubers please don’t leave spring
thanks for new videos Ali.
Could you create a video about microservices and spring security, how it works together??
Yes, soon
Thank you a lot! The repo you shared helped a lot with my work.
Keycloak? Never heard of it. I thought Spring Security is on top for everything. Thank you for Keycloak explanation.
great works Ali, that's awsome video.
Thanks a ton
Amazing serie of vidéos, that was pretty interesting. It could be nice to add another vidéo about implementing an api gateway with nginx, manage load balancing with it, and see how to deploy all of this in you VPS.
this will be part of the next serie (micro services)
man i wan say that i love u so much about all this effort
from morocco
Thank you so much brother.
I really appreciate it
Salam aalikoum Ali. Bravo. C'est vraiment bien expliqué. Allah yi barek.
Interesting but I thought we were going to learn how to implement keycloack on the back end side and that's not the case here. We just modified an existing project but didn't explain the minimum we need to use the roles given to us with a simple controller for example and some routes.
Thank you very much anyway for the front part which helped me a lot.
Another opportunity to learn, your content is complete and am glad to learn from you
The pleasure is mine
Such a helpful content, thank you a lot
Finally what I have been waiting for a long time, thank you!
Enjoy it
Thanks man it helps a lot for me as an intern. More power to you... 🎉
Can you please make any industry level project with atleast minimum number of microservices. ?
Thank you.
Working on it
MashAllah awesome as always. thoroughly understand keycloak, looking fwd to explore more features myself as well.
Glad to hear that
Thank you for the course Ali !!! I'm getting 'ERROR Reference Error: document is not defined' at 38:39. Checked many places, but couldn't find a solution. Can you please explain why could it happen?
I'm also getting same error.
Thank you sir , I do't know how I to praise you .Thank you so much. sir
you are most welcome
Thank you mister Ali 🎉
Welcome
I'm verry glade to wait you sir
most welcome
This video is great, you deserve the subscription and like. Just one thing, it's been a while since I found a video or documentation that perfectly explains how to customize the keycloak login using docker. If one day you could make a video explaining how to solve it, I would greatly appreciate it. Great video, greetings!🚀🚀
Thanks for the sub!
I will show how to customize the keycloak theme
@@BoualiAlioh! that will be fun..🎉 thanks from my end too😊 Keycloak makes life so easy😅
Personal checkpoint control: 2:28:54 (DONE)
good job
So thank you very much for the very helpful tutorial. I do have a question for u:
If in need to add a custom key to my jwt, like as tenantId for MultitenantId app or Multi-Database App. How to customise the generated JWT from Keyloak? Dose Keyloak provide such as mechanism to modify or add some new properties to jwt?
Especially by login with a custo input in the login template, where the user has to provide a unique id (the tenantId) and add it in the JWT ?
If i add a new attribute to the register and login template, where can i add this attribute value to the jwt? And can i asign create a function that check if there is a group for this attribute? So if there is no group with the same value name i will not register the user or logged him in the app if he is not in the group! I need this customization for a multiclient web app that use for each client a different DB with same schemata. For that i need to have a tenantId in my JWT that identifies the DB to get the data from it.
I know it is a little bit advaced but it will help me alot to just to know if it is possible or not😊.
I hope that my question is clear enough 😅
Awsome!!! Thanks you so much.
I like the idea of a open source project to create keycloak theames...
first contributor
what will be the next video of this serie? Im excited to the websocket one
Surprise .D
@Ali can you create an video on spring authorization server with postgres data, with OAuth configuration
Merci beaucoup pour ce tuto,
Est-ce que tu peux nous montrer comment on peux profiter du keycloak sans avoir rediriger le client vers l'interface d'accueils keycloak.
Merci d'avance.
Merci vraiment Mr
Hey ali, this tutorial is just brilliant really loved it but I was thinking on how can we implement the oauth2 login using bff pattern or even how to implement the entire login flow by ourself if possible can you please make a tutorial on these?
Keep up the good work
Thanks you, I will
You are Amazing brooo......................
Thank you so much 😀
thank you so so much ♥ ♥ ♥
Your book social network project is really awesome ,I practiced different things like CI/CD pipeline using your video,but keycloak is not working with angular 17 , could you please explain how to do it on perform keycloak authentication using angular 17 or above
I will create a migration video to angular 18
Nice video! Can you do a video using springAI since it s new! Maybe you can create a chatbot App who where you can upload a PDF and the chatbot can answer your questions concerning the pdf you uploaded in the DB.
Sounds a good challenge and it will be helpful !
Thanks for the idea!
Great content Ali. A question through, Angular being SPA, isn't it better to implement OAuth2 with PKCE? Can you please include that as well if possible? The matters get confusing when we start dealing with Code_Verifier and Code_Challenge which are necessary for PKCE and for my life I am not able to figure it out with Angular, Keycloak and Spring Boot
Hi ser, is there any to using our own form in angular for auth instead of using the default login page from keycloak. Please help me, thank you!
Hi Ali, thanks for great tutorials. I know that maybe will be too much , but can you make keycloak tutorial for user federations. Maybe for example with users from bsn. Thanks in advance sir
Noted
That's interesting but if I want to use my custom login page and I want to include google login button , what will be authentication flow in that case.
Thank you Brother
Thank for the good video
I have been asking myself for a long time, how do I do this if I have an e commerce store?
Can I have an address table in my Spring App and map the data into the token?
In keycloak you can include the address, you just have to select it.
thank you very much for this tutoriel but i want to know howa to create permession and ressource when you use a public client if i can't what should i do to integrate keycloack in angular and springboot and create permission in the same time and thank you .
Hi Ali, first of all I would like to express my gratitude for all the very detailed videos and your content. I followed the video series in great detail and coded it, but unfortunately it doesn't work with gmail and the generated app password. I have also tried other email providers, but without success. When testing the connection between Keycloak and Gmail, I can't find any information in the Keycloak (container) log or the web console that can help me solve the problem. Do you have any idea what the problem is? Thank you very much
can you please make a video on spring security with React js?
I have multiple Spring boot Applications. But Have single Angular Application who uses these all Spring boot apps. Now If I want to setup Auth for different Spring boot Apps, Do I have to create separate clients under one realms? What would be recommended Approach for it?
I watched the old jwt video and i want to watch the new version of it but you also replied on a conment to study this one.
In your advice what should i learn keycloak or jwt? Or they both are related and should study both of them?
Keycloak
Didn’t work for me the email verification. It says the test connection failed 😢
Thank you so much Ali,
I have a question: after I created my realm and created a client and a user, when i logout to login again with the new user it doesnt work, but if i login with admin i can see i have the new user but can't use it to login. Any suggestions?
It’s awesome can you implement this code as standards implementation and in all combination also there is one another client wso2 which I think is advanced security management tool if it is possible then please focus on that also
watch the video and you get the answer.
otherwise let me know what you are missing
@@BoualiAliokay sir
how can you test application with mock user
Can you tell me how to bring back book owner name in book-card. I spent 2-3 whole night but unable to fix it. I tried via keyclock jwt, keyclock api, etc. but only null is coming. Right now we are using bookdb which doesn't have owner name. Actually user_entity table, inside keyclock db in different postgres db, have that owner name. Though connectedUser.getName() gives primary key for keyclock db, but unable to fetch data as it's another db(not sync with our jpa). I can write Code to fetch data from two db implementation, but just to get owner name will be too heavy, there must be some easy way around. Please help me. Guide me.
Sir How can I add the resources in the keycloak user token payload? I have created the resources, scopes, policies and permissions in the keycloak now i want to add the resources according to the user roles in the user token. please ans
getting this error, not sure why, A 'Keycloak' instance can only be initialized once.
Hi @ Hello - if we are using keycloak.. does that mean mean we don't need to manage any table for user roles , groups in our application databasen?
yes
Is there any solution for multi-tenancy projects?
can you make a new integration keycloak and angular for angular 18 without the -no-standalone?
this tutorial is not possible to follow without the -no-standalone while creating the project ....
if you want to create a module-based app, use --no-standalone flag. Example: ng new proyect --no-standalone
I will upgrade the code to angular 18
hey ali , which web site you use to create those screnn shoot diagram
draw.io
@@BoualiAli thank you man
new subscriber here,i see that you started with an old project of yours, can you please tell me which videos i need to start with to end up here, i want to start with you from scratch pls
just check the playlist and follow the publish order: Book Social Network
Hello Alibou i follow along with your security video
now can you help to give another videos which will manage user who loged in either to block user and allow the user helpfully you will work with this also
can you explain?
@@BoualiAli like enable and disable user who logged in
Admin can enable auser disbale user like in Twitter the Admin can block you to login
@@abeDeveloper already explained
@@BoualiAli sorry my brother for your time im a fans and follow all your video but which video you explain it Mr sorry for disturbance
Hey, Grate Videos.. I am very lucky to be born in this time...
Request: A video on how to create custom dialect for Hibernate.
for example in Native Query if i use
SELECT ARR_AGG(userDB.name) as userName, ARR_AGG(userDB.age) as userAge FROM (SELECT name, age FROM user) as userDB
How i can project it to a Interface or Class.
You can use projection.
check the Book social network application and you will find an example there
You said jwt is not recommended to be used but keycloak is using jwt also??
I mean custom implementation of jwt….
Sorry if this was confusing
GOATTTTTTT
how can i deploy a angular springboot app?
Check the deployment video
how to make such animated diagrams?
good
Thanks
❤❤❤❤❤❤
i,m not able to find github repo for this one ?
in the description
@@BoualiAli i have a question in my project i have implemented jwt with role based access ,if i replace jwt with keycloak will rest of the functionalities work as expected without changing anything , actually it has a huge code base with lot of roles
@@ForAkirah I experienced the same situation. in my case I had to do some changes. it depends on the design of your application.
even if it takes sometime, I highly recommend that you migrate to keycloak
Ok, but there is nothing about assigning resources to roles. Right now there is no difference between admin and user because both of them have access to all resources.
Email verification from spring pls
Already done. Check the book social network playlist
the github doesnt work, can you share the source code
issue fixed. check it again
please make angular course
Already done. Check the playlists
+1 :D
Too bad that isn't with standalone component
GOD. YOU ARE GOD.
The Arab community needs you, brother. Please do not forget, we need videos by arabic
Zanzibar
State University of Zanzibar(suza)
most welcome
Typical German Stack
really?
Why are you overcomplicating the extractions of scopes to GrantedAuthorities and writing a custom converter when there is a class named JwtGrantedAuthoritiesConverter that is specifically designed for that, It even has its own section in the docs. If you want to tech people spring security i suggest you tech them how to read the docs, and while you are writing things show and reference the docs as i have seen several of your videos providing misinformation and bad practices.
Thanks for the feedback.
This my way of teaching things. People need to learn the why and how not only mentioning that there is a token converter provided.
If you don’t like my content, feel free to leave and learn from someone else.
Great video but how can user update their user -profile they password, etc... and get the username to display in the front end app and get user details information how can we acquire it
It was already mentioned in the video.
I think you did not follow carefully