[keycloak-dev] social login and remember me

Gabriel Cardoso gcardoso at redhat.com
Mon Feb 24 12:02:46 EST 2014


Services usually don’t have a “Remember Me” for social logins. Thus, I don’t recall a pattern for this. 

Here is a proposal for where it could be located. We can improve it as the product develops.




What do you think?

Gabriel



On Feb 24, 2014, at 12:43 PM, Stian Thorgersen <stian at redhat.com> wrote:

> 
> 
> ----- Original Message -----
>> From: "Bill Burke" <bburke at redhat.com>
>> To: "Stian Thorgersen" <stian at redhat.com>, "Gabriel Cardoso" <gcardoso at redhat.com>
>> Cc: keycloak-dev at lists.jboss.org
>> Sent: Monday, 24 February, 2014 3:28:40 PM
>> Subject: Re: [keycloak-dev] social login and remember me
>> 
>> 
>> 
>> On 2/24/2014 9:22 AM, Stian Thorgersen wrote:
>>> Added Gabriel to see if he has a good idea
>>> 
>>> With the current L&F I can only think of two solutions (neither of which I
>>> particularly like):
>>> 
>>> 1. Have it under username/password - probably means no-one is going to
>>> associate it with a social login
>>> 2. Have on under username/password and one under all social logins - I
>>> think this will look weird, and not convinced people will associate it
>>> with a particular login
>>> 
>> 
>> Above is why I started this email in the first place :( There is no good
>> option with the current L&F.
>> 
>>> Is there a way we can not require this for social logins? Social networks
>>> would already provide this mechanism so if we can somehow integrate with
>>> that, we wouldn't need it. One idea would be to set a cookie when a user
>>> has used a social login, then test if they are still logged in with that
>>> automatically.
>>> 
>> 
>> Without "Remember me" the user would have to still be redirected to
>> Keycloak login page and click "Google" or whatever.
> 
> Not necessarily. I was thinking something along the lines of:
> 
> * In social callback we set a cookie to remember user last logged in with 'Google'
> * On next login we check if this cookie is set, if it's set we automatically redirect to login on 'Google' with 'prompt=none'
> * If we get a code from Google, user is logged in and we can redirect with code. If we get an error, then we display login form
> 
> Probably to complex, and probably won't work with all providers (as they may not provide prompt=none option). Just thinking out of the box ;)
> 
>> 
>> --
>> Bill Burke
>> JBoss, a division of Red Hat
>> http://bill.burkecentral.com

---
Gabriel Cardoso
User Experience Designer @ Red Hat

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20140224/66fc97b0/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: login-remember-me.png
Type: image/png
Size: 56791 bytes
Desc: not available
Url : http://lists.jboss.org/pipermail/keycloak-dev/attachments/20140224/66fc97b0/attachment-0001.png 


More information about the keycloak-dev mailing list