[keycloak-dev] Google redirect url
Thomas Raehalme
thomas.raehalme at aitiofinland.com
Thu Jan 14 03:12:24 EST 2016
On Thu, Jan 14, 2016 at 9:48 AM, Stian Thorgersen <sthorger at redhat.com>
wrote:
>
>
> On 13 January 2016 at 22:09, Thomas Raehalme <
> thomas.raehalme at aitiofinland.com> wrote:
>
>> Hi!
>>
>> Google doesn't accept wildcards in redirect URLs. This means I have to
>> create a separate client for every realm in the Google console.
>>
>> Any chance we could have a shared redirect URL across realms? Maybe as an
>> option in the federation configuration? Then I could share the same Google
>> config for each tenant.
>>
> -1 The client in Google should be per-realm as otherwise you're also
> sharing the config in Google (logo, contact email, etc) and also consent.
> Also, all logic here is per-realm so it would be a fair bit of special code
> to be able to support this.
>
I understand your points, but in a SaaS application with a realm per
tenant, it would simplify operations a great deal. You'd probably be
sharing the config in Google anyways.
For example, themes are also shared across realms so would it really be
such a big problem considering the advantages?
Best regards,
Thomas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160114/19f4c565/attachment.html
More information about the keycloak-dev
mailing list