Legacy System to Keycloak Migration Strategy

victropolis · October 23, 2019, 7:31pm

We have an existing legacy system (spring controllers and pojo’s running in tomcat against a postgres backend) that uses a home-grown authentication and authorization system and we would like to join the 21st century and transition to a OpenID/Oauth IDP such as Keycloak. We have 10s of thousands of pre-existing users.

Are there any HOWTOs or videos that describe some recommendations as to how to accomplish this most successfully? Thanks in advance for any help and/or suggestions. Much appreciated.

fschmtt · December 20, 2019, 8:42am

Hi,

we had a very similar task to fulfill by changing the authentication of a legacy system (with a user base of > 2m) to using OpenID-Connect provided by Keycloak.

To be able to use the legacy’s user storage we implemented Keycloak’s User Storage SPI from where we read and validated credentials against our existing database.
We didn’t migrate any of the existing users into the Keycloak database schema.

ezajko · December 24, 2019, 7:55am

Hi there,

you can check this [1] blog post, it might help…

regards,
–eZ
[1] https://medium.com/@olgaatsmartling/migrate-to-keycloak-with-zero-downtime-74d4997d91ad

Topic		Replies	Views
How to implement user's migration Getting advice	2	4789	September 24, 2022
Migrating users with existing password Getting advice	14	3838	March 7, 2024
Migrate to Keycloak with Zero Session Lost Getting advice	0	631	January 20, 2020
Need input on authenticating a user in keycloak and there passwords stored in external systems Getting advice authentication	1	360	June 15, 2023
How to best import users from legacy application? Getting advice	10	15692	July 16, 2024

Legacy System to Keycloak Migration Strategy

Related topics