Schwarz IT and STACKIT

Centralized identity management with Keycloak on STACKIT
A central element of the Schwarz Group companies' cloud strategy was the introduction of a central identity management system. To this end, Keycloak, an open source solution, was migrated to the STACKIT Cloud to ensure the necessary flexibility and scalability.
The challenge
Schwarz Group, which also includes Lidl and Kaufland, responded to the increasing threat of cyberattacks and data leaks with a strategic decision to move its IT systems to the cloud. A central element of this strategy was the introduction of a central identity management system, as thousands of internal and external users needed to access various digital applications.
Initially, Keycloak, an open source solution for authentication and authorization, was operated locally in the data center on the OpenShift container platform. After two years, however, the company decided to migrate all systems to the cloud, which also included Keycloak’s infrastructure, monitoring and user management. The lack of a central solution for managing access and roles for external users was the initial problem.

The implementation
The migration of Keycloak to the STACKIT Cloud, which belongs to Schwarz Digits and is therefore also part of Schwarz Group, was a challenging large-scale project. In close cooperation with the STACKIT team and the database team, an infrastructure was gradually built up that would serve as the basis for all subsequent projects.
The changeover meant moving from a simple open source instance to a scalable, production-ready platform solution for identity and access management. Processes that previously had to be coordinated manually were automated. The new platform now dynamically provides resources, orchestrates containers and manages databases.
The solution
The migration to STACKIT created a central, standardized solution for access management, which was previously a decentralized and complex IT task. The advantages of STACKIT Cloud are manifold:
Powerful
The infrastructure provides a reliable basis for highly available systems, even with hundreds of thousands of users and millions of accesses per hour.
Flexible and scalable
Resources such as databases and containers can be scaled dynamically. Thanks to Kubernetes, scaling takes place automatically as the number of users increases. Load tests at ten times the normal usage have already been passed without any problems.
Quickly available
IT resources can be made available on demand, enabling new systems or adjustments to be made within a very short time. What used to take weeks is now done in a matter of minutes.
Cost-efficient
Thanks to the pay-as-you-go principle, only the resources actually used are paid for, resulting in annual savings in the six-figure range.
What began as a solution for a supplier portal has now become a central standard for numerous applications. At peak times, Keycloak handles up to 30 log-ins per second and, thanks to caching, processes over one million access operations per hour.


