Hi
We are starting to implement SSO with our new Angular application with Keycloak.
What is the best way to implement using only the standard OAUTH/OIDC REST endpoints ? Is it a good idea to have a backend service process all the Keycloak requests rather than redirect ?

I am not a security expert, our goal is to implement SSO without having to use Keycloak’s login pages and features , at the same time leave no security gaps.

Thank you!

Ram

Follow this thread Custom web server for UI pages

TL;DR: Keycloak does not incentivize such practices due to security concerns. Use built-in customizations for the pages.