Keycloak Identity and Access Management as a Service

Perfectly configured and optimized Keycloak IAM, ready in seconds. Keycloak without the pain.

No vendor lock-in
Reliable & elastic
99.9% SLA
Always up to date
Secure
GDPR Compliant
Fully customizable
2FA & OTP
White-label

Get Started

reliably serving millions of users including for these companies

Fully Managed Keycloak

Cloud IAM automates every part of setup, running and scaling of Keycloak clusters. Available on all major cloud and application platforms all over the world. Let your team focus on what they do best - building your product. Leave server management and monitoring to the experts.

We are here

We provides complete Keycloak support, from emergency services through daily operational support, to strategic planning. We’re here for your identity ops.

Easy Monitoring

Our control panel offers various tools for monitoring and alarms. Now you can address performance issues promptly and automatically, before they impact your business. Cloud IAM make it easy to setup custom alarms via email, webhooks and external services.

Stay in control

IAM is a critical piece

An Identity and Access Management (IAM) service is the central piece of any Information System., it's critical, it must be Highly Available (HA) and scalable.

On-call ops 24/7

Keycloak IAM is hard to secure, maintain, monitor, scale, upgrade and backup.
90% of companies don't have the internal resources to maintain and scale 24/7 their own IAM service.
We do.

Data & Sovereignty

IAM Cloud solutions are usually vendor-locked, closed-source and managed only from USA or China based Clouds. Cloud-IAM does not lock your data nor your software. Cloud-IAM is fully based on Keycloak open-source solution and support both European Cloud Providers and major USA Clouds.

Cloud-IAM vs the alternatives

TL;DR: Pain, suffering, proprietary and vendor lock-in

Self-hosted Keycloak

Auth0

Okta

Cloud-IAM

Futur-proof and Choice reversibility

No Vendor Lock-in & Open-Source

—

Security & Patch Management

Infrastructure & security updates

Your ops job.

High Availability & SLA

Your ops job.

Infrastructure & Data sovereignty

Data stay in your region (e.g. Europe)

Your job.

Only on AWS or Azure.
‍Costs more

Only on AWS

Private Cloud outside of GAFAM

—

European Company

—

Out-of-the-box
dedicated infrastructure
per deployments

—

GDPR compliant

Your job.

Support

Dedicated support

—

IAM Development Services

—

IAM Consulting Services

—

Simple, transparent pricing.

Flexible plans for all your authentication needs. What are you looking for?

Little Lemur

For development

FREE

Free Forever

Little Bunny

—

€

109

/month

Roaring Rabbit

—

€

299

/month

Power Panda

—

€

499

/month

Custom Plan

—

Keycloak

Realms

∞

Max. users for all realms

100

250

15 000

40 000

∞

Clustered & Highly Available

Theme customization

—

Dedicated infrastructure

—

Limited to
Scaleway

Custom Extensions (.jar)

—

Custom domain

—

TLS certificate

—

OpenMetrics endpoint

—

—

—

—

—

Unlimited integrations to AD & LDAP

Support

Community support

Dedicated support

—

Create account

Frequently Asked Questions

Can I trial Cloud-IAM before paying?

Sure! Create a free account right now. No credit-card required. When you are ready just come back here and subscribe.

What's a realm?

A realm manages a set of users, credentials, roles, and groups. A user belongs to and logs into a realm. Realms are isolated from one another and can only manage and authenticate the users that they control.

What happens when I reach a plan limit?

Cloud-IAM plan's limits are soft limits. When one of your deployments reach its plan limits (e.g. maximum number of users), our team will be notified and will contact you to talk about what to do next : either remove users or realms or upgrade to a bigger subscription plan. We never stop our customer deployments without multiple prior notice.

What does "maximum users for all realms" means?

Users are entities that are able to log into your system. They can have attributes associated with themselves like email, username, address, phone number, and birth day. They can be assigned group membership and have specific roles assigned to them.
The maximum users for all realms is a plan limit that varies between subscription's plan. This figure the total user count in Keycloak deployments. It sums the number of active and inactive users managed in Keycloak in every realms.

How do I import my users?

Batch CSV import is available through support requests. For advanced use-case (e.g. custom authentication setup that you want to migrate to Keycloak) we advice our customer to implement and upload a custom extension (jar).

I already have a Keycloak how do I migrate to Cloud-IAM?

Cloud-IAM provides out-of-the box a Keycloak custom extension that seamlessly migrate — without down-time — users between two Keycloak setup.

Where can I deploy my Keycloak IAM?

Use Cloud-IAM to deploy your Keycloak clusters to one of these Cloud Providers: Google Cloud Platform (Americas, Europe, Asia Pacific), Amazon AWS (North and South America, Europe, Middle East, Africa, Asia Pacific), and Scaleway (Europe).

What can I white label?

Everything! Subscribe to a dedicated plan (starting with Roaring Rabbit plan) to fully customize your Keycloak, domain name.

Do you support LDAP or Active Directory (AD)?

Yes we do support Active Directory (AD) and LDAP as user storage provider and you can also configure user federation through your Keycloak console.

Will I have to expose my LDAP or Active Directory ?

Yes just like with ADFS you will have to expose your LDAP / Active Directory over interne however we provide the IP list of your deployed Keycloak cluster nodes so you will be able to only authorize them to connect.
Custom plans also have a VPC peering option.

Where are my users stored?

For every dedicated hosting subscription, users are safely stored into highly available and continuously backed up PostgreSQL databases.

Are you GDPR compliant?

Yes, Cloud-IAM is fully GDPR compliant and can easily execute a data processor agreement with your company if needed.

Do you do OTP with SMS?

No we don't and you should not.

How email sending is handled?

Cloud-IAM customers can configure an SMTP server inside Keycloak administration console in order to send emails. It's completely self-service.

How to manage configuration between environments?

All tools that automates Keycloak configuration management between production and other environments (e.g. Staging) are available against Cloud-IAM deployments. We recommend the use of terraform.

How to be sure our custom extensions does not break Keycloak?

Once you upload or update an existing extension through our dashboard, it triggers a cluster upgrade.
It's your responsibility to first test (automatically or not) the custom extension on a non-production environment, you can create others Keycloak deployment from Cloud-IAM dashboard and API.

How much traffic can the service handle?

Cloud-IAM hosting scales automatically to handle millions of concurrent visits. All plans serve requests through premium network.

What about your availability and security?

Cloud-IAM is monitored 24/7. Answers to security questions are available on our security page. Our highly scalable infrastructure brings us 100% uptime since Cloud-IAM first steps back in 2018. Unbeaten. Our operation team breathe only to keep that way.

Can I cancel anytime?

Yes, your subscription can be canceled anytime. Please email us from your subscription email account at support@cloud-iam.com, we will assist you with the cancelation.

Will I be able to export my data?

For every dedicated hosting subscription, Cloud-IAM provide dumps of the dedicated PostgreSQL database that you can safely reimport into your own database. Account's password are of course hashed and will work on your own Keycloak setup. No vendor lock-in!

Do you expose Keycloak API?

Yes, no matter the plan get ouf of the box a full access to Keycloak REST API.

What's the size of your team?

Cloud-IAM is a team of more than 30 engineers dedicated to hosting, managing and tuning Keycloak Clusters and JVM based software. Every member of our team do consulting and training from simple authentication use-case to advanced authorizations setup.

Is your company viable?

Yes, Cloud-IAM launched in late 2018. We're profitable, privately owned, and in this for the long-haul. Since our first day we've helped thousands of developers deploy their Keycloak clusters. Rest assured it is not going anywhere. You can expect our products to be always on your side and help you along the way as you build and grow your business.

Yep. Authz is hard.

Our team specialized over the past years on IAM technologies and Keycloak.
We helped companies of various size setup and configure their IDM (Identity Management).
We trained various technical team to use Keycloak APIs and build secure services over it.
Need our help? We are one email away.

Keycloak Identity and Access Management as a Service

Fully Managed Keycloak

We are here

Easy Monitoring

Stay in control

IAM is a critical piece

On-call ops 24/7

Data & Sovereignty

Cloud-IAM vs the alternatives

TL;DR: Pain, suffering, proprietary and vendor lock-in

Self-hosted Keycloak

Auth0

Okta

Cloud-IAM

Simple, transparent pricing.

Flexible plans for all your authentication needs. What are you looking for?

Little Lemur

Little Bunny

Roaring Rabbit

Power Panda

Custom Plan

Frequently Asked Questions

Can I trial Cloud-IAM before paying?

What's a realm?

What happens when I reach a plan limit?

What does "maximum users for all realms" means?

How do I import my users?

I already have a Keycloak how do I migrate to Cloud-IAM?

Where can I deploy my Keycloak IAM?

What can I white label?

Do you support LDAP or Active Directory (AD)?

Will I have to expose my LDAP or Active Directory ?

Where are my users stored?

Are you GDPR compliant?

Do you do OTP with SMS?

How email sending is handled?

How to manage configuration between environments?

How to be sure our custom extensions does not break Keycloak?

How much traffic can the service handle?

What about your availability and security?

Can I cancel anytime?

Will I be able to export my data?

Do you expose Keycloak API?

What's the size of your team?

Is your company viable?

Yep. Authz is hard.

Our team specialized over the past years on IAM technologies and Keycloak.We helped companies of various size setup and configure their IDM (Identity Management).We trained various technical team to use Keycloak APIs and build secure services over it.Need our help? We are one email away.

We've helped them.

Product

About

Language

Our team specialized over the past years on IAM technologies and Keycloak.
We helped companies of various size setup and configure their IDM (Identity Management).
We trained various technical team to use Keycloak APIs and build secure services over it.
Need our help? We are one email away.