<div dir="ltr">+1<div><br></div><div>I'd like to see the ability to define a "user profile" for the realm with associated validators. This would also allow having a update profile required action that could display a form if there are missing or invalid profile information.</div></div><div class="gmail_extra"><br><div class="gmail_quote">On 5 November 2015 at 11:46, Marek Posolda <span dir="ltr"><<a href="mailto:mposolda@redhat.com" target="_blank">mposolda@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I wonder if we should improve handling of custom attributes in<br>
freemarker templates and their validation. Let's assume that I want to<br>
add custom attribute "birthday" and I want to add it to all screens<br>
where user can create/edit account. I can see those issues:<br>
<br>
- Admin will need to edit 3 separate freemarker templates (registration,<br>
account management, update profile page) to have this attribute<br>
displayed on all those places.<br>
<br>
- Missing validations. For registration screen, admin can implement his<br>
own validator through the Authentication SPI. But for account management<br>
and update profile it's currently no way to add custom validations. But<br>
for my "birthday" field, I usually want to have same custom validation<br>
applied on all 3 places<br>
<br>
- Built-in validations: Similarly like we have builtin password<br>
policies, we can provide some builtin validators for custom fields<br>
(mandatory, regex)<br>
<br>
<br>
I wonder if we should add the tab in admin console where people can specify:<br>
<br>
- Name of custom attribute and the type. Then we have some freemarker<br>
helper, which will render those attributes in all 3 places<br>
(registration, account mgmt, updateProfile). I believe something similar<br>
like Bill did for custom providers in admin console ( kc-provider-config<br>
directive) can work here too.<br>
<br>
- Define the validators applied to each field. Similarly like we have<br>
password/OTP policies, we can have "policies" for each custom attribute.<br>
We can provide "mandatory" and "regex" policy with possibility for<br>
people to add custom field validator implementations if they want.<br>
<br>
<br>
Not sure if this was already discussed before and just not implemented.<br>
However I think this will be useful and currently can't think of much<br>
reasons why it couldn't work?<br>
<br>
Marek<br>
_______________________________________________<br>
keycloak-dev mailing list<br>
<a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br>
</blockquote></div><br></div>