https://tldrecap.tech/presenters/niko-k%C3%B6bler/ Recent content in Niko Köbler on TLDRecap ⏮️ https://tldrecap.tech/images/tldrecap_logo.jpg https://tldrecap.tech/images/tldrecap_logo.jpg Hugo en Mon, 13 Apr 2026 16:37:31 -0700 https://tldrecap.tech/posts/2026/keycloakcon-europe/keycloak-god-tokens-mistakes/ Mon, 13 Apr 2026 16:37:31 -0700 https://tldrecap.tech/posts/2026/keycloakcon-europe/keycloak-god-tokens-mistakes/ <p><strong>Presenters</strong></p> <div> <ul> <li> <a href="https://tldrecap.tech/presenters/niko-k%C3%B6bler">Niko Köbler</a> </li></ul> </div> <p><strong>Source</strong></p> <div> <ul> <li> <a href="https://tldrecap.tech/sources/keycloakcon-europe-2026">KeycloakCon Europe 2026</a> </li></ul> </div> <h1 id="-stop-building-god-tokens-avoiding-the-top-keycloak-mistakes">🛡️ Stop Building &ldquo;God Tokens&rdquo;: Avoiding the Top Keycloak Mistakes</h1> <p>At the first-ever <strong>KeycloakCon</strong> in Amsterdam, industry veteran <strong>Niko Köbler</strong> dropped a bombshell: <strong>90% of Keycloak developers</strong> are making critical mistakes in their configuration. Having worked with Keycloak since its infancy in <strong>2015</strong>, Niko has seen it all—from massive enterprise LDAP migrations to modern microservices architectures.</p> <p>If your application &ldquo;just works,&rdquo; you might think you&rsquo;re safe. But in the world of identity and access management, &ldquo;working&rdquo; and &ldquo;secure&rdquo; are two very different things. Here is how to stop issuing dangerous <strong>God tokens</strong> and start implementing professional-grade security.</p>