[keycloak-dev] Custom Realm Attributes

Dmitry Telegin mitya at cargosoft.ru
Tue Aug 30 05:11:18 EDT 2016 

Hi guys,

Just FYI, there's a PR (#3153) that makes realm attributes generally
available for developers, i.e. exposed through RealmModel, accessible
via REST, with support for Mongo and Infinispan. At the moment realm
attributes are available only for JPA (via o.k.models.jpa.RealmAdapter)
without caching and are not exposed via REST.

Cheers,
Dmitry

> > > > > Sounds like an interesting idea. For a while ago I was thinking about
how you'd manage clients and hostnames in different environments
(dev, test, prod) without having to modify the config. My idea at the
time was to introduce server aliases which would be a similar thing
to what you are proposing although with much more limited use.
> 
> > On 28 August 2016 at 12:24, Thomas Darimont <thomas.darimont at googlema
il.com> wrote:
> > Hello group,
> > > > currently the configuration for themes, extensions, clients is
quite local to a 
> > > > component and one has to repeat some information like company name,
trademark, 
> > URLs, parts of application name etc.
> > 
> > > > It would be cool if an admin could configure a set of key-value
pairs on realm 
> > > > level that could then be used / referenced in client definitions,
user attributes, themes, emails.
> > > > The admin-console could feature a new tab 'attributes' in the
realm-settings 
> > > > in which one could configure key-value pairs with support for
string, boolean, 
> > numeric and lists values.
> > 
> > > > This could also be used as a centralized configuration source of
custom extensions e.g. 
> > FederationProvider, RequiredActions, Authenticators.
> > 
> > > > Of course something like this is already partially possible with
system properties / env-variables.
> > > > However these values are hard to change at runtime. Having a
dedicated support for realm-wide 
> > > > attributes managed by an "attributes" section in the admin-console
would allow for simpler configuration.
> > 
> > > > An idea on top of that is to let extensions (like custom
Authenticators) register their configuration settings 
> > > > as attributes in the realm which could then be shown as an overview
in the "attributes" section of the realm-settings.
> > > > This would give provide you with all the configuration settings for
all realm-components at a glance.
> > 
> > Cheers,
> > Thomas
> > 
> > 
> > 
> > _______________________________________________
> > 
> > keycloak-dev mailing list
> > 
> > keycloak-dev at lists.jboss.org
> > 
> > https://lists.jboss.org/mailman/listinfo/keycloak-dev
> 
> 
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160830/5453cb31/attachment-0001.html

More information about the keycloak-dev mailing list