This article describes how the Keycloak user database can be connected to DualShield as an external user directory, in the same way that Active Directory is connected to DualShield. 

How it Works

Keycloak stores its user directory in a SQL database and lets customers choose one of the commonly used SQL servers, such as Postgres or MySQL. However, Keycloak uses a proprietary database structure to store its user directory, so connecting the Keycloak user database to DualShield requires an adapter or converter. As DualShield supports LDAP, we developed a SQL-to-LDAP converter called DualShield MyVD, which is based on an open-source project called MyVD.

...

In DualShield a user directory is called a domain, whereas in Keycloak a user directory is called a realm. We will map a realm in Keycloak to a domain in DualShield. As Keycloak does not have the concepts of domain and OU, we will first map a realm in Keycloak to an OU in LDAP, then map the LDAP OU to a domain in DualShield.
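The realm-to-OU step described above, sketched as an added example (not DualShield MyVD code): it groups user rows by realm and builds RFC 4514-escaped DNs so that a username containing DN metacharacters cannot place an entry under a different OU. The base DN, the `uid`/`mail` attribute names and the sample rows are assumptions made for illustration.

```python
from collections import defaultdict

BASE_DN = "dc=example,dc=com"  # assumption: suffix of the virtual LDAP tree


def escape_rdn_value(value: str) -> str:
    """Escape an attribute value for use inside a DN (RFC 4514, section 2.4)."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch in ',+"\\<>;=':
            out.append("\\" + ch)
        elif ch == "\0":
            out.append("\\00")
        elif (ch == "#" and i == 0) or (ch == " " and i in (0, last)):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


def realm_ou_dn(realm: str) -> str:
    """One Keycloak realm becomes one OU; that OU is what a domain points at."""
    return f"ou={escape_rdn_value(realm)},{BASE_DN}"


def user_dn(realm: str, username: str) -> str:
    return f"uid={escape_rdn_value(username)},{realm_ou_dn(realm)}"


def build_directory(rows):
    """Group (realm, username, email) rows into {ou_dn: [user entries]}."""
    tree = defaultdict(list)
    for realm, username, email in rows:
        if not realm or not username:
            raise ValueError("realm and username are required")
        entry = {"dn": user_dn(realm, username), "uid": username, "mail": email}
        tree[realm_ou_dn(realm)].append(entry)
    return dict(tree)


# Constructed sample rows (realm name, username, email); not real data.
SAMPLE_ROWS = [
    ("staff", "alice", "alice@example.com"),
    ("staff", "bob,ou=admins", "bob@example.com"),  # metacharacters in name
    ("partners", "carol", None),
]

if __name__ == "__main__":
    for ou, users in build_directory(SAMPLE_ROWS).items():
        print(ou)
        for u in users:
            print("   ", u["dn"])
```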

...