Create a custom identity provider and configure it with keycloak

weltonrodrigo · May 10, 2021, 10:50pm

Did you do it?

I think this is pretty straightforward:

Check org.keycloak.authentication.authenticators.browser.IdentityProviderAuthenticator for an example of how to get uri params in the authentication flow and then CookieAuthenticator.java for how to communicate success to the flow.
Setup a custom flow using your authenticator

The steps above will authenticate a user in the keycloak database. The second part would be to get this user form your rest API.

For that, you need to implement a UserLookupProvider.

In your authenticator, when you ask for the user with id endUserString all classes implementing UserLookupProvider will be called until one return an UserModel. You just implement the query to your rest API here, convert the api data to Keycloak Model (user info, roles and permissions) and let keycloak handle the rest of the OIDC flow.

Hope this helps.

Topic		Replies	Views
Create an own identity provider	1	613	June 11, 2020
Help with understanding Keycloak as Identity Broker	10	3045	July 29, 2024
Map users with IDPs and Using custom REST API based SPI for authorizing the Users Getting advice	2	417	August 31, 2021
Keycloak Login and User Model with custom data from external REST API Getting advice authentication , user-federation , oidc	2	4955	April 28, 2022
External token exchange with custom flow Getting advice	7	2605	October 8, 2024

Create a custom identity provider and configure it with keycloak

Related topics