Editorial take
Why it stands out
Keycloak is a true self-hosted identity platform entry, so the catalog should emphasize operational cost and risk rather than inventing a software subscription model that does not exist.
Loading
Tool profile
Open-source identity and access management platform for SSO, user federation, roles, and self-hosted auth flows.
Self-hosted SSO for dozens of internal apps
Open-source identity and access management: OIDC/SAML brokers, user federation, social login, and admin UIs you self-host.
Keycloak is Apache License 2.0 software—no charge for downloading and running the server. Production economics are HA Java clusters (PostgreSQL backends, load balancers, caching), engineer time for upgrades, and optional vendor support (e.g., Red Hat-branded builds with subscription support).
Choose Keycloak when you need a full IdP under your control; choose Auth.js when you only need app sessions beside an existing user table.
Quick fit
Editorial take
Keycloak is a true self-hosted identity platform entry, so the catalog should emphasize operational cost and risk rather than inventing a software subscription model that does not exist.
What it does well
Primary use cases
Fit notes
Compare with
Pressure-test this pick against nearby alternatives.
Pricing snapshot
Keycloak is an open-source identity and access management platform, so the software itself has no license fee. The real cost comes from the HA Java infrastructure, database, security operations, and any commercial support you choose to buy around it.
Auth0
Free planB2B SaaS selling into buyers expecting SAML, SCIM, and audit evidence
Identity platform for adding authentication, user management, SSO, and access control to apps.
Free: 25k MAU; Essentials/Professional self-serve: 500 MAU on public 2026 cards—confirm before budgeting.
