Thomas Darimont is a seasoned digital identity expert with 13 years of hands-on experience designing and implementing IAM solutions, currently working on conformance testing for OpenID Foundation and running Identity Tailor GmbH. A long-time Keycloak maintainer and active contributor to Spring Security and Cloud Foundry UAA, he blends deep Java backend engineering with test automation and standards-level tooling. He helps vendors achieve certification for OpenID Connect, FAPI and newer specs like OpenID4VCI/OpenID4VP, often building the conformance tooling they rely on. Thomas’s contributions to Keycloak include production-facing fixes and usability features (OTP configuration, deterministic JSON exports, i18n client fields), showing attention to both robustness and developer experience. Based in Saarland, Germany, he pairs practitioner-level consulting and open-source stewardship with a track record of mentoring and teaching in enterprise and academic settings.
13 years of coding experience
14 years of employment as a software developer
Bachelor of Arts - BA, Information Management, Bachelor of Arts - BA, Information Management at ASW gGmbH
Simple project environment for creating custom Keycloak extensions
Role in this project:
Back-end Developer
Contributions:2 reviews, 238 commits, 6 PRs in 3 years 8 months
Contributions summary:Thomas primarily contributed to the project by implementing and revising custom Keycloak extensions. Their work includes creating custom themes, implementing SAML mappers, and developing custom authenticators with forms and email notifications. The user's contributions also involve examples for a custom SAML protocol and other utility features such as a global JAXRS request/response filter. They removed Lombok usage and added tests for various extensions.
Open Source Identity and Access Management For Modern Applications and Services
Role in this project:
Back-end Developer
Contributions:256 reviews, 140 commits, 258 PRs in 7 years
Contributions summary:Thomas's contributions focused on enhancing the Keycloak authentication and authorization platform. They added functionality to configure OTP periods within the admin console and introduced a description field for client definitions, complete with i18n support. Further improvements involved fixing a potential NullPointerException in the Servlet-Filter Adapter and refactoring the handling of SAML responses, particularly around how missing destination elements are handled. Additionally, the user implemented code to ensure deterministic ordering of properties during JSON configuration export.
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Thomas Darimont - Conformance Specialist Certification Team