Project description

We are seeking a specialized IAM Developer to design, implement, and customize our identity and access management infrastructure using Keycloak. You will be responsible for securing microservices, managing complex authentication flows, and extending Keycloak via custom SPIs to meet enterprise security requirements.

Responsibilities

-Design and implement secure authentication and authorization workflows using OIDC, OAuth 2.0, and SAML protocols.

-Develop and debug custom Java SPIs to extend Keycloak functionality for unique business requirements and logging.

-Integrate and troubleshoot client applications and microservices with -Keycloak to resolve token, session, or login issues.

Configure and maintain user federation with LDAP/AD and identity brokering with external providers for seamless profile synchronization.

-Deploy and optimize Keycloak clusters on Docker or Kubernetes, ensuring high availability, security patching, and performance tuning.

Skills

Must have

-Keycloak Core Configuration: Proven experience in managing Realms, Clients (Confidential/Public), Roles (Realm vs. Client), and Groups.

-Protocol Expertise: Deep technical knowledge of OIDC (OpenID Connect), OAuth 2.0, and SAML 2.0.

-Custom Extensions (SPIs): Hands-on experience developing custom Keycloak extensions using Java. This includes Custom User Storage -Providers, Custom Authenticators, or Protocol Mappers.

-Integration & Security: Experience integrating Keycloak with Spring Boot or Node.js and securing REST APIs using JWT (JSON Web Tokens).

-Identity Federation: Experience configuring User Federation with LDAP/Active Directory and Social Login providers.

-Deployment & DevOps: Practical experience deploying Keycloak in containerized environments (Docker/Kubernetes) and managing high-availability (HA) clusters.

Nice to have

-Experience with FreeMarker templates (.ftl) for custom UI/Theme development.

-Knowledge of Fine-Grained Authorization Services (Authz).

-Familiarity with automation tools like Terraform or Ansible for IAM.

Other

Languages

English: C2 Proficient

Seniority

Regular

Related jobs

View all vacancies

ESB and IBM ACE Developer

Other System Languages

Spain

Valencia, ES

ESB and IBM ACE Developer

Other System Languages

Spain

Madrid

Linux Kernel Networking Expert

Other System Languages

India

Bengaluru

Barcelona, ES, Spain

Req. VR-120853

Other System Languages

BCM Industry

09/02/2026

Req. VR-120853

Apply for IAM Developer in Barcelona, ES

*Indicates a required field

First name

Last name

Your country

Your City

Phone

Specialization

Attach your resume (max file size 1MB; allowed extensions: doc, txt, pdf, docx) Upload resume

Number of years of experience in the specialization you are applying for

What are your monthly gross salary expectations?

Read Explanatory Notes

Under the terms of your specific consent or to perform our obligations under a contract with you, as applicable, we, Luxoft Holding Inc. will manually and electronically process your personal data, specifically your first name, last name, phone number, e-mail address and other data you provide us through this form.

Within this context, we process personal data only for the specific purpose(s) indicated in the individual consent language or other notices provided below.

We will – insofar as reasonably necessary for the purpose you have agreed to and within the scope of applicable laws – transfer your personal data to other entities within the Luxoft Group and to the group of third party recipients listed in our Privacy Notice. Such Recipients can be located outside the European Union (EU) and/or the European Economic Area (EEA) (“Third Countries”). The Third Countries concerned, e.g. the USA, may not have the level of data protection that you enjoy e.g. under the GDPR. This can result in disadvantages such as an impeded enforcement of data subjects’ rights, a lack of control over further processing and access by state authorities. You may only have limited legal remedies against this. Insofar our transfer of your personal data to recipients in Third Countries is not covered by an adequacy decision of the EU Commission, we achieve an adequate level of data protection as further detailed out in our Privacy Notice.

With your consent, we personalise marketing communications to you by way of carrying out marketing research analysis, analysing the surfing-behaviour of our website visitors and to adjust it to their detected tendencies, as well as to plan more efficient future marketing activities. This personalised marketing does not include any automated decision-making activities.

Further information on how we process personal data in general is available in our Privacy Notice. You may withdraw any given consent at any time. The withdrawal of your consent(s) will not affect the lawfulness of processing before its withdrawal. For any request in this context, please e-mail us at: DPO@luxoft.com.

Before uploading CV or any other information to this website, to learn more about your obligations and restrictions arising from the use of this website, please read our Terms of Use.

By clicking the Agree and Send button, you consent that Luxoft Holding Inc. can process your provided personal data for the purpose of processing your application to establish a potential employment, internship or relocation with Luxoft Holding Inc., a relevant affiliate of the Luxoft Group or Luxoft Group’s clients, as applicable. You consent to the retention of your personal data, with the purpose of contacting you for potential future employment opportunities. If you refer a friend, we will process your provided personal data of you and your referral to award you with a bonus for such recommendation. You can withdraw your consent at any time with effect for the future. Before you consent, please click on „Read these Explanatory Notes“ and view our Privacy Notice (e.g. for your data subject rights).

Note: Our system automatically converts each CV into our standardized format, enabling our HR teams to process applications more efficiently.

I consent that Luxoft Holding Inc. and the affiliates of the Luxoft Group can process my personal data for the purpose of sending me regular emails with information about Luxoft as an employer including job vacancies and (ii) marketing communications with information about recruitment-related events, organized webinars, conferences, as well as the Logeek Magazine and other similar publications. I can withdraw my consent at any time with effect for the future. These communications are personalised to my interests in accordance with our Privacy Notice.

Related Jobs

All jobs

MENU

IAM Developer

Project description

Responsibilities

Skills

Other

Related jobs

ESB and IBM ACE Developer

ESB and IBM ACE Developer

Linux Kernel Networking Expert