[keycloak-dev] Social login with user registration disabled

Marek Posolda mposolda at redhat.com
Tue Mar 17 11:15:25 EDT 2015 

On 17.3.2015 16:03, Stian Thorgersen wrote:
>
> ----- Original Message -----
>> From: "Bill Burke" <bburke at redhat.com>
>> To: keycloak-dev at lists.jboss.org
>> Sent: Tuesday, March 17, 2015 3:56:23 PM
>> Subject: Re: [keycloak-dev] Social login with user registration disabled
>>
>> Ho could we actually implement that.  We're dependent on a UserModel
>> existing after the social login.
> If auto-provision was disabled we'd only allow users to login with a identity provider after they have linked the account with a provider. We can (and should) also make it possible for admins to add links (an admin would just need to know the provider-id and the external user-id to do that). Users that try to login without having an account already would just get an error.
We have already admin REST endpoints to add/get/remove links. However in 
admin console UI, it's read-only at this moment (admin can see links, 
but can't add/remove them in UI).

Marek
>
>> On 3/17/2015 10:54 AM, Stian Thorgersen wrote:
>>> It's not directly linked to user registration. When a user logs in the
>>> first time with an external idp the user is automatically provisioned. We
>>> can add an option on each identity provider to enable/disable
>>> automatically provisioning of users. Please create a jira to request that.
>>>
>>> ----- Original Message -----
>>>> From: "Leonardo Loch Zanivan" <leonardo.zanivan at gmail.com>
>>>> To: keycloak-dev at lists.jboss.org
>>>> Sent: Tuesday, March 17, 2015 3:49:05 PM
>>>> Subject: [keycloak-dev] Social login with user registration disabled
>>>>
>>>> I have a requirement in a SaaS application to disable user registration,
>>>> so
>>>> only administrators can register new users.
>>>>
>>>> Users should be able to login with social providers such as Google+ and
>>>> Facebook. To allow this, each user could link in his profile.
>>>>
>>>> However, when I enable social login, new users are registred automatically
>>>> to
>>>> the realm. I don't think that right, since User Registration is disabled.
>>>>
>>>> :/
>>>>
>>>> _______________________________________________
>>>> keycloak-dev mailing list
>>>> keycloak-dev at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>> _______________________________________________
>>> keycloak-dev mailing list
>>> keycloak-dev at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>>
>> --
>> Bill Burke
>> JBoss, a division of Red Hat
>> http://bill.burkecentral.com
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev

More information about the keycloak-dev mailing list