Question about a new security architecture ADFS - Keycloak

Good Morning,

I am currently rethinking a security migration that is made up of:

  • ADFS (user/password storage)
  • A database that has a relationship of people, roles, attributes, resources.

I am analyzing the possibilities to be able to work with OIDC and I do not have much knowledge of the capabilities of each of the tools.

My doubts are:

  • Does ADFS have the same capabilities as Keycloak? Can I have authorization and authentication?
  • What are the benefits of having Keycloak in front of ADFS and connecting it to the ADFS?
  • Would I have ADFS authentication and Keycloak authorization?
  • What would I lose if I enter the applications by OIDC directly against the ADFS?

I would like to understand what I gain by having Keycloak in front of ADFS.

Typical applications in the company are SPAs that connect to backend applications in microservices.

As a requirement I have that all authentication must be done with the ADFS login screen.

Is it possible for Keycloak to automatically redirect to the ADFS login?

Greetings and thank you