As a system admin configuring APS, I want APS to be configured so it aligns to the Alfresco Identity Service technology using Keycloak.
This use case will imply a previous user registration in Keycloak of current APS users.
public REST API's calls are authorized by both Bearer token authentication schema as well as with Basic authentication against Keycloak
Activiti-app enabled with Keycloak will result in a cookie based authentication of the private REST endpoints against Keycloak
Activiti-admin's old functionality will not be broken by this new configuration
This new SSO integration will have priority over the old Oauth2 implementation and Keycloak's enablement will render the old Oauth2 unfunctional