I think their Github "About" text is quite clear imho. An open source identity service that can be an alternative to similar commercial ones like Okta, Auth0.
If this was all the way transparent about Keycloak they’d make it clear that Keycloak is the upstream for Red Hat SSO, which has support options from Red Hat/IBM and so on. It’s a little bit different model from theirs, but no less valid.
I understood its something to do with auth but even the comparison pages didn't clarify in meaningful ways how it's different. I don't see how this could help me get more users - that's my job not yours.
I was also confused what a network has to do with auth. Is this some kind of distributed auth product? Who knows.
Also, I don't think anyone looking at a saas auth product would consider rolling their own. Presumably they're on your site because they aren't interested in that.
So I just didn't know what your value proposition is.
Because it's a 3rd party, it cannot be non-compliant?
Seems like it's 1 extra click to disallow compared to allow, so yeah, non-compliant. Should be exactly as easy to say yes as saying no. In this case it's not.
It's not overblown criticism. They advertise their product as GDPR-compliant, and yet their website uses dark patterns to trick people into allowing tracking, and is not GDPR-compliant.
Do I trust them to be as diligent in their product?
And yeah, what gives GDPR bad rep is exactly these kinds of dark patterns and other forms of malicious compliance by non-caring companies.
It's their choice to chose that banner, and their choice to configure it this way. Most third-party banners are non-compliant, including this one. Which they should know, given that they advertise GDPR compliance for their main product.
The banner should have a Reject All option, preferably as default action.