Skip to content

ForrestRolf/keycloak-remote-user-federation

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
src/main
src/main
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 
pom.xml
pom.xml
 
 

Repository files navigation

Keycloak Remote User Provider

Deploy

  • Copy target/remote-user-federation-jar-with-dependencies.jar to /opt/keycloak/providers/remote-user-federation-jar-with-dependencies.jar
  • Restart Keycloak

Note

When user federation is enabled, the user list will not load data initially and needs to be searched manually. Tip: To search for all users, use * in the search.

Usage

Configuration

Name Default Description
Remote server https:// Rest API endpoint providing users
Define endpoint for find user /find Rest API subpath for find user by id,name,email
Define endpoint for verify password /verify Rest API subpath for verify user password
Define endpoint for search users /search Rest API subpath for seach users
Define endpoint for count users /count Rest API subpath for count users
Authorization HTTP Authorization request header
Add roles to token true If this option is enabled, a realm role will be automatically created and returned in the token.
Enable detail logs false Print detail logs

API Response Schema

GET /find

Params

Name Description Example
type Valid values are id, username, or email.
id /find?type=id&id=1
username /find?type=username&username=foobar
email /find?type=email&[email protected]

Response

{
  "id": "1",
  "firstName": "foo",
  "lastName": "bar",
  "userName": "remotefoobar",
  "email": "[email protected]",
  "emailVerified": true,
  "enabled": true,
  "attributes": {
    "public_email": "[email protected]",
    "private_email": "[email protected]"
  },
  "createdAt": "2024-01-15T12:34:13+08:00",
  "roles": ["role1", "role2"]
}

POST /verify

Params

Name Description
username
password

Response

{
  "valid": true
}

GET /search

Params

Name Description
method Search by role or search by user information. Valid values are user, role
role If you search by role name, the value exists.
skip Offset used for pagination
take Limit used for pagination
keycloak.session.realm.users.query.include_service_account
keycloak.session.realm.users.query.search Keywords entered in keycloak console

Response

[
  {
    "id": "1",
    "firstName": "foo",
    "lastName": "bar",
    "userName": "remotefoobar",
    "email": "[email protected]",
    "emailVerified": true,
    "enabled": true,
    "attributes": {
      "public_email": "[email protected]",
      "private_email": "[email protected]"
    },
    "createdAt": "2024-01-15T12:34:13+08:00",
    "roles": ["role1", "role2"]
  }
]

GET /count

Params

Name Description
keycloak.session.realm.users.query.include_service_account
keycloak.session.realm.users.query.search Keywords entered in keycloak console

Response

{
  "total": 100
}

Development

Prerequisites

  • Docker Compose
  • JDK 17
  • maven > 3.3 installed on your computer

Debugging

mvn clean package
docker compose up -d

About

Keycloak User Storage SPI for HTTP

Resources

Readme

License

Apache-2.0 license
Activity

Stars

2 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages