Cloud-IAM's FAQ
Getting started
How do I get started with Cloud-IAM?
When you want to test out the service for yourself…
Start by creating a free account. Next, you’ll be able to create deployments on your chosen tier. Each deployment can have a different user count, service provider, and tier plan. You can create as many deployments as you like on as many different tiers as you like. For example, you could create a deployment on a free tier to set up a test environment. Then you can either upgrade that deployment or create a new deployment on the paid tier of your choice.
When you have a specific case that requires an appointment…
Do you need more details about how we operate? Is your deployment a special case? If you haven't found answers in our documentation, schedule an appointment with our sales team to address any inquiries you may have.
When you want to learn more…
Our documentation covers everything you need to know about Keycloak, our product, and our services. To further enhance your skills and master the functioning of your Identity and Access Management (IAM), you can continue your professional development through our comprehensive documentation.
How do I add users to Cloud-IAM?
There are three ways you can add users.
Import users: Batch-import CSVs by sending us a support request (available on paid plans).
Migrate users between Keycloak setups: Use Cloud-IAM’s out-of-the-box extension to migrate users between Keycloak setups without downtime.
Migrate from a custom authentication setup: In advanced use cases, upload and implement a custom .jar extension.
How does your ad-hoc consultation service work?
We provide expert consultation on both a project and an ongoing basis. Our consultations are priced on a per-day basis and include services such as:
Dedicated Q&A session with overviews of your architecture, patterns, configuration
Performance tuning, security, and best practices
Audit & recommendations for your current Keycloak configuration
Consultation on Keycloak integration with your existing architecture
Live production support
Custom extension development and maintenance
Expert employee training session
Full done-for-you Keycloak installation
If you're interested,If you're interested, book a time to chat with sales and let us know you want to talk about consultation when you book a time.
Cloud-IAM features
What extensions & webhooks do you have?
Here’s a full list of our standard extensions and webhooks:
Total export data
Full logs and metrics
Audits logs
Allow lists
Keycloak profiles
Custom domains
Trigger incident
Can I send SMS OTPs?
Yes, it's a custom extension that you are allowed to add to your deployment through our console, in the Custom Extensions panel. However, we don’t recommend you do. Here’s why. Instead, we offer a range of MFA options like 2FA, 2SV, and magic links.
How do I manage configuration between environments?
We recommend you use a tool called Terraform. All tools that automate Keycloak configuration management between production and other environments (e.g. Staging) are available against Cloud-IAM deployments.
How do I test my custom extensions?
To safely test your custom extensions without affecting your production environment, a second deployment is essential. We recommend maintaining two separate environments — one for production, one for testing — especially when validating custom features.
How is Cloud-IAM GDPR compliant?
If you select a Cloud Provider with servers in the EU, we can guarantee that your deployment will be GDPR compliant.
How does a Keycloak + Cloud-IAM solution compare to Auth0 or Okta?
Here are the main differences if you choose Keycloak + Cloud-IAM:
Cloud-IAM does not do vendor locking
Unlike Auth0/Okta, Keycloak is open source
Cloud-IAM is an EU company
You have more flexibility in your choice of Cloud Provider if you need to keep your data in one region
You can choose a European cloud provider like Scaleway or Outscale — outside the GAFAM ecosystem
Setup is easy with an out-of-the-box dedicated infrastructure per deployment
One-click support access, with guaranteed response times tailored to your plan. Video calls available anytime when you need deeper guidance.
Security & reliability
How secure is Cloud-IAM?
Looking to see if we’re compliant with your security needs? Here’s everything you need to know about how we manage every aspect of your data and the security of our platform.
What happens in cases of failure?
In case of failure, every part of the Cloud-IAM service uses properly-provisioned, redundant servers (e.g., multiple load balancers, web servers, replica databases). As part of regular maintenance, servers are removed from operation without impacting availability. We can scale to millions of concurrent requests without incident.
Do you ever have downtime?
Cloud-IAM is monitored 24/7. In 2024, we achieved an average uptime of 99.9877% across all our deployments.
What Cloud Providers do you use?
Each of our providers undergoes independent third-party testing. Use Cloud-IAM to deploy your Keycloak clusters to one of these Cloud Providers:
Google Cloud Platform:Americas, Europe, Asia Pacific
Amazon AWS: North and South America, Europe, Middle East, Africa, Asia Pacific
Outscale: Europe, North America, and Asia
Scaleway: Europe
Azure: North and South America, Europe, Middle East, Africa, Asia Pacific
Will I need to expose my LDAP/Active Directory over the internet?
Yes, in a secure manner. We provide the IP list of your deployed Keycloak cluster nodes so you can authorize them to connect. Custom plans also have a VPC peering option.
Subscriptions & pricing
What are the main differences between the Starter, Essential, Premium and Max?
The main differences are in the speed of support you receive and your SLA agreement.
Max tier: Expect the highest level of support and resolution time (less than 30 min). We also give you a 99.98% SLA and one free day of dedicated dev time a month (valued at 2,000€/day ad hoc)
Premium tier: Expect high level of support and resolution time (less than an hour). We also give you a 99.95% SLA and one free day of dedicated dev time a month (valued at 2,000€/day ad hoc)
Essential tier: Incident resolution time: 12 hours. Support available via email or ticketing system. 99.9% SLA.
Starter tier: Incident resolution time is the longest. Only community support is available. 99% SLA
Do you offer a free trial?
Better, we offer a free account! Just create an account and make a free deployment straight away to test out how things work. Free accounts are limited to 100 users, deployment on Scaleway, and 1 realm.
What if I want to cancel my contract? How do I get my data?
Each of our providers undergoes independent third-party testing. Use Cloud-IAM to deploy your Keycloak clusters to one of these Cloud Providers:
Google Cloud Platform:Americas, Europe, Asia Pacific
Amazon AWS: North and South America, Europe, Middle East, Africa, Asia Pacific
Outscale: Europe, North America, and Asia
Scaleway: Europe
Azure: North and South America, Europe, Middle East, Africa, Asia Pacific
Will I need to expose my LDAP/Active Directory over the internet?
We’ve made it easy for you to download your data. For every paid account, Cloud-IAM provides dumps of the dedicated PostgreSQL database that you can safely re-import into your own database. Account passwords are hashed and will work on your own Keycloak setup.
