OpenID Connect and observability have evolved a lot over the past year in the Keycloak project.

Keycloak's OAuth Special Interest Group has contributed security features related to OAuth 2.0 and OpenID Connect. We will demonstrate OAuth 2.0 Demonstrating Proof of Possession to make single page applications and native applications more secure, and OpenID Federation 1.0 support for building trust relationships between OpenID Providers and Relying Parties.

For better observability Keycloak now provides a full guide on how to use metrics for Service Level Indicators (SLI), Service Level Objectives (SLO), troubleshooting and sizing, together with example Grafana dashboards. Users will learn how they can utilise the Keycloak metrics and Grafana dashboards to identify excess request latencies that breach their SLO, we will then demonstrate how OpenTelemetry tracing can help debug the root cause of such breaches.