Auth done right. Keycloak JWT via OIDC, role-based policies, OAuth2 PKCE in Swagger, and a pre-built realm — zero manual configuration required.
Use code FIRSTXPEOPLE for €15 off → €30
Tech stack
BaseRepository with 7 hooks, offset + cursor pagination, ErrorOr result pattern, RFC 7807 error handler, health checks, Swagger with XML docs, Docker Compose. All included.
The API validates tokens issued by Keycloak using OIDC discovery. No manual key management. Configuration points to the Keycloak realm and the middleware handles the rest.
Two policies pre-configured: Authenticated (any valid JWT) and AdminOnly (requires the admin realm role). Add more in one place and apply with .RequireAuthorization().
The Swagger UI includes an Authorize button wired to the Keycloak OIDC PKCE flow. Click, log in with a test user, and all subsequent requests in Swagger carry the Bearer token automatically.
A Keycloak realm export is imported automatically on first boot. Two test users are ready: admin-test and user-test. No Keycloak admin UI setup required.
Unauthenticated and unauthorized responses return RFC 7807 ProblemDetails instead of empty body responses. Consistent with every other error format in the kit.
Pricing
Full source code, private docs, unlimited projects, entire team included.
or €30 with code FIRSTXPEOPLE
Secure checkout via Lemon Squeezy · Instant delivery
Need cache too? See the full stack kit →