[keycloak-dev] Async authentication example

Stian Thorgersen sthorger at redhat.com
Tue Jul 11 08:29:18 EDT 2017

I gave it a go and implemented an "async" authentication example. It's
rather simple what happens is:

* User authenticates with username only
* Then a "waiting" page is displayed, which is waiting for some external
callback. This could be an app or whatever that verifies the user then
sends the callback. In the example a CURL command is printed on sysout for
the server which you can run to "simulate" the callback from the app.
* Once the callback is received the user is authenticated without filling
in password or any other credentials in the main browser


Check it out here:

It's a bit hacky in the way it's implemented:

* Using notes for "callback" is a bit strange maybe?
* Had to use custom realm resource for callback endpoint. Is this strange?
* Probably won't work for cross DC, but in 7.2 Hynek has stuff that does
* No way to push change to browser, so have to pull every 2 seconds. Maybe
we could add a simple authentication event feature that uses websockets and
a small auth js lib to do the job of notification?

More information about the keycloak-dev mailing list