Hi, greetings to the community!
We have been working to develop an Open Banking product for Banks in the MENA region and we have decided to proceed with Keycloak as our Authorization Server.
As per the Central Bank’s regulations, the client (in our case, the TPP, or Third Party Provider) must be authenticated before calling the /auth and /token endpoints. In order to authenticate the client with the Keycloak server, the Central Bank mandates the use of the Mutual TLS 1.2 mutual authentication mechanism.
According to the docs in GitHub (Link: keycloak/enabletls.adoc at main · keycloak/keycloak · GitHub), a Mutual TLS authentication mechanism has been introduced in Keycloak, but in the documentation (Link: Keycloak - Documentation) we are unable to find any information on enabling Mutual TLS mutual authentication for client authentication.
If someone from the community can pitch in on how to enable Mutual TLS for authentication of the client using certificates, it would be of great help. Also, it is my earnest request that the docs be updated to include a step-by-step tutorial/demo on how to enable Mutual TLS for client authentication.
Thanks and regards,
A Prashanth Selvam