Keycloak FastAPI Integration
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill provides robust and standard authentication logic. It utilizes secure defaults for JWT validation, including signature verification using RS256, audience validation, and issuer checks, which prevent common token-related vulnerabilities.
- [EXTERNAL_DOWNLOADS]: The implementation includes logic to retrieve JSON Web Key Sets (JWKS) from a remote identity provider (Keycloak). This is a required operation for OpenID Connect to securely validate signatures without sharing private keys and is performed using standard asynchronous HTTP requests.
Audit Metadata