# Identity Management / Single Sign On

Single Sign On is required to make sure that access to all our services is handled by a centralized component that create authorization tokens that can confirm that the user is authorized to work against different services.

By Default we are using [Keycloak](http://keycloak.org) as our SSO provider. Keycloak supports OAuth2, Kerberos and SAML integrations. We are using the OAuth2 approach. We are also using Keycloak as our Identity Management abstraction layer. Look at the Identity Management Section for more details about this. By using Keycloak we are open the door for social login (Facebook, Google, etc.) to our entire platform, which might be useful for cloud deployments.

As most BPM solutions, we require an integration layer between Tasks & Process and the user, groups and roles defined at the organization where you are implementing your solution. For this reason we provide an out of the box integration with Keycloak as our SSO and Identity Management integration layer. Keycloak opens the door to integrate different systems such as custom database, LDAP, Active Directory and Social Logins.

For IDM and SSO you can find the source code and Docker Image in the following repositories:

* [IDM & SSO -> Source Code](https://github.com/activiti/activiti-keycloak)
* [IDM & SSO -> Docker Image](https://cloud.docker.com/u/activiti/repository/docker/activiti/activiti-keycloak)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://activiti.gitbook.io/activiti-7-developers-guide/components/activiti-cloud-infrastructure/sso.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.