We can't find the internet
Attempting to reconnect
Something went wrong!
Hang in there while we get back on track
Introduction to Quarkus Security by Sergey Beryozkin
Learn how Quarkus Security simplifies authentication with OpenID Connect, JWT tokens, and role-based access control while providing seamless integration with cloud platforms.
-
OpenID Connect is the most mainstream authentication mechanism, offering single sign-on capabilities and wide provider support (Google, Twitter, etc.)
-
Quarkus Security provides zero-code configuration for multiple authentication providers through simple properties, with built-in dev services and reasonable defaults
-
Token-based authentication supports both JWT and OAuth2/OpenID Connect tokens, with automatic validation, signature verification, and claims processing
-
Multi-tenant support allows applications to work with multiple identity providers simultaneously through tenant configuration and resolution
-
Role-based access control is implemented through annotations (@RolesAllowed, @SecurityIdentity) and can be customized with fine-grained permissions
-
Token propagation enables seamless forwarding of authentication between services without manual token handling
-
Dev services automatically configure security properties and mock providers for development and testing
-
Support for both traditional authentication (Basic, Form) and modern approaches (OAuth2, OpenID Connect)
-
Integration with Kubernetes and cloud-native environments is built-in
-
Security customization is possible through security providers, authentication mechanisms, and policy configurations while maintaining simplicity by default
This is a relatively new pillar, full stack development so we’re not only about backend but also frontend security integration.