This blog shows how to use Keycloak for OAuth 2.0 and OpenID Connect. Keycloak is an identity and access management solution. Among its list of supported authentication mechanisms are SAML 2.0 and OpenID Connect. It is open source and can be installed via Docker. I wrote how to install Keycloak via Docker in a separate blog. The content of this blog was created as a side effect of configuring NetWeaver ABAP with Keycloak for SAML 2.0 and OAuth 2.0.
Here I will detail the steps to create an OAuth client in Keycloak, assign an OAuth 2.0 scope to it and how to get the OpenID Connect tokens for the client. For a better readability the steps are available as independent blogs / articles.