The BC Government Pathfinder SSO service, based on the Open Source Keycloak (aka Red Hat SSO) product, provides an industry standard (OIDC) and enterprise-policy compliant means of implementing authentication within applications that are also simple for development teams to provision and utilize.
Development teams are provisioned a set of clients within a multi-tenant instance of Keycloak running in the OpenShift Container Platform (OCP) platform that provide a simple authentication mechanism suitable for web and mobile applications.
Each client exists in one of the “standard” realms based on the needs of the team. Each “standard” realm is configured with a set of centrally managed identity providers (such as BCeID and IDIR).
Development teams are provided with a set of clients (an isolated configuration within Keycloak), corresponding to their deployment environments (dev, test, and prod). Clients come configured out-of-the-box with an appropriate combination of the following identity providers:
Note: BCeID requires additional steps for SSO implementation. Details will be provided during onboarding.
Note: BC Services Card integration is not available through Pathfinder SSO through the “standard” realms. See BC Services Card Integration on the Pathfinder SSO wiki for explanation and tips.
Pathfinder SSO is easily integrated into line of business systems. The service is hosted and managed centrally to ensure an efficient, reliable process.
Pathfinder SSO is a well-known and widely used access management system. Your staff can find simple procedures and guides, as well as answers to their questions, in a dedicated BC government support community.
Add authentication to applications and secure services with minimum fuss. No need to deal with storing users or authenticating users.
Price
Free
This service is available 24/7 with best efforts support, during business hours only, to restart failed systems and address open issues. Keycloak SSO support is available through RocketChat.Service level support
This Single Sign-On (SSO) service is offered to BC Government teams who are building cloud native web or mobile applications. Teams wishing to use this service should initially connect with the Pathfinder SSO Team to discuss their needs and ensure alignment prior to making an SSO implementation request.Requirements and restrictions
The Keycloak service is offered to BC Government teams who are building cloud native web or mobile applications.
Pathfinder SSO support is available: