Cloud-IAM's FAQ
Getting started
How do I get started with Cloud-IAM?
Sign up through the Cloud-IAM Console and create your plan in just a few clicks: from choosing your support level to selecting your cloud provider, region, and billing options. Once done, your Managed Keycloak instance will be automatically deployed and ready to use in under 20 minutes.
What information do I need to set up my first deployment?
To set up your first managed Keycloak deployment, we recommend:
Estimating the total number of unique users who will access your Keycloak environment.
Selecting a support level that matches your technical needs and desired assistance.
Choosing a cloud provider that complies with your legal requirements and is geographically closest to your infrastructure to ensure optimal performance and low latency.
Got a specific use case or deploying Keycloak for the first time? Our team is here to guide you — from day one — and make sure everything works exactly as it should.
How long does it take to deploy an instance?
Deploy in under 20 minutes — no manual setup needed. Once you’ve selected your plan in the Cloud-IAM console, your instance is fully deployed and ready to use. No complex configuration. No downtime. No hassle.
Do you assist with the initial configuration?
Yes, we provide full assistance and support to help you configure your Keycloak environment. While we don’t perform the configuration on your behalf, our technical team empowers you to take full control, just as if you were hosting Keycloak on-premises. We offer detailed documentation with tutorials/step-by-step guides, and expert support to ensure you can set up your instance confidently. If you prefer to have the configuration handled for you, we can connect you with certified Cloud-IAM integrator partners who specialize in managing Keycloak deployments.
Do you assist with the initial configuration?
Yes, we provide full assistance and support to help you configure your Keycloak environment. While we don’t perform the configuration on your behalf, our technical team empowers you to take full control, just as if you were hosting Keycloak on-premises. We offer detailed documentation with tutorials/step-by-step guides, and expert support to ensure you can set up your instance confidently. If you prefer to have the configuration handled for you, we can connect you with certified Cloud-IAM integrator partners who specialize in managing Keycloak deployments.
Cloud-IAM features
What extensions & webhooks do you have?
Here’s a full list of our standard extensions and webhooks:
Total export data
Full logs and metrics
Audits logs
Allow lists
Keycloak profiles
Custom domains
Trigger incident
Can I send SMS OTPs?
Yes, it's a custom extension that you are allowed to add to your deployment through our console, in the Custom Extensions panel. However, we don’t recommend you do. Here’s why. Instead, we offer a range of MFA options like 2FA, 2SV, and magic links.
How do I manage configuration between environments?
We recommend you use a tool called Terraform. All tools that automate Keycloak configuration management between production and other environments (e.g. Staging) are available against Cloud-IAM deployments.
How do I test my custom extensions?
To safely test your custom extensions without affecting your production environment, a second deployment is essential. We recommend maintaining two separate environments — one for production, one for testing — especially when validating custom features.
How is Cloud-IAM GDPR compliant?
If you select a Cloud Provider with servers in the EU, we can guarantee that your deployment will be GDPR compliant.
How does a Keycloak + Cloud-IAM solution compare to Auth0 or Okta?
Here are the main differences if you choose Keycloak + Cloud-IAM:
Cloud-IAM does not do vendor locking
Unlike Auth0/Okta, Keycloak is open source
Cloud-IAM is an EU company
You have more flexibility in your choice of Cloud Provider if you need to keep your data in one region
You can choose a European cloud provider like Scaleway or Outscale — outside the GAFAM ecosystem
Setup is easy with an out-of-the-box dedicated infrastructure per deployment
One-click support access, with guaranteed response times tailored to your plan. Video calls available anytime when you need deeper guidance.
Security & reliability
How secure is Cloud-IAM?
Looking to see if we’re compliant with your security needs? Here’s everything you need to know about how we manage every aspect of your data and the security of our platform.
What happens in cases of failure?
In case of failure, every part of the Cloud-IAM service uses properly-provisioned, redundant servers (e.g., multiple load balancers, web servers, replica databases). As part of regular maintenance, servers are removed from operation without impacting availability. We can scale to millions of concurrent requests without incident.
Do you ever have downtime?
Cloud-IAM is monitored 24/7. In 2024, we achieved an average uptime of 99.9877% across all our deployments.
What Cloud Providers do you use?
Each of our providers undergoes independent third-party testing. Use Cloud-IAM to deploy your Keycloak clusters to one of these Cloud Providers:
Google Cloud Platform:Americas, Europe, Asia Pacific
Amazon AWS: North and South America, Europe, Middle East, Africa, Asia Pacific
Outscale: Europe, North America, and Asia
Scaleway: Europe
Azure: North and South America, Europe, Middle East, Africa, Asia Pacific
Will I need to expose my LDAP/Active Directory over the internet?
Yes, in a secure manner. We provide the IP list of your deployed Keycloak cluster nodes so you can authorize them to connect. Custom plans also have a VPC peering option.
Subscriptions & pricing
What are the main differences between the Starter, Essential, Premium and Max?
The main differences are in the speed of support you receive and your SLA agreement.
Max tier: Expect the highest level of support and resolution time (less than 30 min). We also give you a 99.98% SLA and one free day of dedicated dev time a month (valued at 2,000€/day ad hoc)
Premium tier: Expect high level of support and resolution time (less than an hour). We also give you a 99.95% SLA and one free day of dedicated dev time a month (valued at 2,000€/day ad hoc)
Essential tier: Incident resolution time: 12 hours. Support available via email or ticketing system. 99.9% SLA.
Starter tier: Incident resolution time is the longest. Only community support is available. 99% SLA
Do you offer a free trial?
Better, we offer a free account! Just create an account and make a free deployment straight away to test out how things work. Free accounts are limited to 100 users, deployment on Scaleway, and 1 realm.
What if I want to cancel my contract? How do I get my data?
Each of our providers undergoes independent third-party testing. Use Cloud-IAM to deploy your Keycloak clusters to one of these Cloud Providers:
Google Cloud Platform:Americas, Europe, Asia Pacific
Amazon AWS: North and South America, Europe, Middle East, Africa, Asia Pacific
Outscale: Europe, North America, and Asia
Scaleway: Europe
Azure: North and South America, Europe, Middle East, Africa, Asia Pacific
Will I need to expose my LDAP/Active Directory over the internet?
We’ve made it easy for you to download your data. For every paid account, Cloud-IAM provides dumps of the dedicated PostgreSQL database that you can safely re-import into your own database. Account passwords are hashed and will work on your own Keycloak setup.
