Microservice Security you own this product

This free project is part of the liveProject series An Enterprise Microservice with Quarkus and Kubernetes
basic knowledge of OpenID protocol • basic knowledge of Keycloak • basic knowledge of HTTP protocol
skills learned
enable authentication and authorization by connecting the Quarkus application to a Keycloak Identity provider • configure the Keycloak Dev Services • test the application authentication and authorization setup
Daniel Petisme
1 week · 4-6 hours per week · INTERMEDIATE
filed under

placing your order...

Don't refresh or navigate away from the page.
This free project is part of the liveProject series An Enterprise Microservice with Quarkus and Kubernetes explore series
Check your email for instructions on accessing Microservice Security (liveProject)
continue shopping
adding to cart

Look inside

You’re a software engineer at Chill+, a video streaming platform that uses Java to develop its microservice architecture running on Kubernetes. Thanks to the company’s soaring popularity, Chill+ is scaling out its Kubernetes cluster. Your task is to reduce infrastructure costs, which are growing faster than the company’s customer base. To achieve your goal, you’ll add security that reduces resource consumption. You’ll implement an authentication layer, integrated with developer-friendly Quarkus Keycloak, on the company’s Catalog API. You’ll restrict access to the API’s endpoint according to users’ roles, tune the Keycloak Dev Services to match the Catalog’s API context, and verify the security implementation leveraging Quarkus’s easy-to-use testing libraries.

project author

Daniel Petisme

Daniel Petisme has an engineering degree in IT, and he’s been mixing technical expertise and innovation at Michelin for the past ten years. He joined Confluent in March 2021 as a customer success architect providing support and guidance about Kafka-related technologies. He’s a strong believer in open source, and he channels his passion for learning and sharing knowledge by teaching several software-related courses to IT engineers, and co-organizing local technical events. He’s a part of the JHipster and Vert.x core team and actively contributes to Kafka and Quarkus.


This liveProject is for software engineers with knowledge of OpenId Connect and building Java applications. To begin these liveProjects you’ll need to be familiar with the following:

  • Basic understanding of using Maven to build a Java-based application
  • Basic understanding of Docker containers
  • Basic understanding of the OpenID protocol
  • Run curl commands and use Linux environment variables on the command line
  • Develop small API-oriented applications using Java frameworks (Spring, Micronaut, JakartaEE, Vert.x)
  • Develop Java tests using frameworks like JUnit, Mockito, and test containers

you will learn

In this liveProject, you’ll learn how to add an authentication and authorization layer, leveraging the OpenID Connect (OIDC) protocol.

  • Install Quarkus OIDC extension
  • Use Quarkus annotation to implement authentication
  • Capture the user’s principal identity
  • Implement role-based authorization
  • Use Quarkus Keycloak Dev Services to spin up a Keycloak server
  • Configure Quarkus Keycloak Dev Services to match the Catalog’s API context
  • Use Quarkus testing capabilities to verify the authentication and authorization behavior


You choose the schedule and decide how much time to invest as you build your project.
Project roadmap
Each project is divided into several achievable steps.
Get Help
While within the liveProject platform, get help from other participants.
Compare with others
For each step, compare your deliverable to the solutions by the author and other participants.