IAM Developer

We are seeking a specialized IAM Developer to design, implement, and customize our identity and access management infrastructure using Keycloak. You will be responsible for securing microservices, managing complex authentication flows, and extending Keycloak via custom SPIs to meet enterprise security requirements.

• Design and implement secure authentication and authorization workflows using OIDC, OAuth 2.0, and SAML protocols.
• Develop and debug custom Java SPIs to extend Keycloak functionality for unique business requirements and logging.
• Integrate and troubleshoot client applications and microservices with Keycloak to resolve token, session, or login issues.
• Configure and maintain user federation with LDAP/AD and identity brokering with external providers for seamless profile synchronization.
• Deploy and optimize Keycloak clusters on Docker or Kubernetes, ensuring high availability, security patching, and performance tuning.

• Keycloak Core Configuration: Proven experience in managing Realms, Clients (Confidential/Public), Roles (Realm vs. Client), and Groups.
• Protocol Expertise: Deep technical knowledge of OIDC (OpenID Connect), OAuth 2.0, and SAML 2.0.
• Custom Extensions (SPIs): Hands‑on experience developing custom Keycloak extensions using Java. This includes Custom User Storage Providers, Custom Authenticators, or Protocol Mappers.
• Integration & Security: Experience integrating Keycloak with Spring Boot or Node.js and securing REST APIs using JWT (JSON Web Tokens).
• Identity Federation: Experience configuring User Federation with LDAP/Active Directory and Social Login providers.
• Deployment & DevOps: Practical experience deploying Keycloak in containerized environments (Docker/Kubernetes) and managing high-availability (HA) clusters.

• Experience with FreeMarker templates (.ftl) for custom UI/Theme development.
• Knowledge of Fine‑Grained Authorization Services (Authz).
• Familiarity with automation tools like Terraform or Ansible for IAM.