We started this chapter by discussing the security policies that can be applied to Quarkus services. Out of the box, you can provide file-based authentication and authorization by using the Elytron extension. Then, we took a closer look at Keycloak, which can be used to provide enterprise-grade security by supporting the OpenID standards. We covered a basic example using a bearer token and a more complex one using a digitally signed token, both in compliance with the JWT specification. Finally, we saw how to generate and configure certificates to secure access to our Quarkus endpoints using HTTPS.
In the next chapter, we will cover some advanced tactics that can unlock the untapped potential of Quarkus services!