[keycloak-dev] Plan for "First login with identity brokers"
Bill Burke
bburke at redhat.com
Thu Oct 29 09:37:33 EDT 2015
On 10/29/2015 5:42 AM, Vlastimil Elias wrote:
>
>
> On 28.10.2015 21:32, Bill Burke wrote:
>> If a user has loads of social networks and links a bunch of them, if
>> *any one* of them is compromised the entire account is compromised.
>> Most sites using social login, the only reason is there is a login is
>> for the appliation to collect marketing data. So, the default behavior
>> should make things as simple as possible for the user.
>>
>> At a minimum, by default, the user should not be required to link an
>> account if there is a conflicting duplicate email given by the provider.
>> I have found develoeprs.redhat.com very difficult to use.
>
> yep, it is difficult to use because it have to follow company's policy
> with unique emails and Keycloak do not provide necessary support for
> simple and user friendly account linking currently ;-)
>
Yeah, its not your fault. Its ours.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the keycloak-dev
mailing list