<div dir="ltr">I'm not sure I fully understand. Are you using a Docker client to authenticate with Keycloak? That works with the standard OIDC flows, but it requires some additional claims in the token which you are adding with a protocol mapper?</div><div class="gmail_extra"><br><div class="gmail_quote">On 12 August 2016 at 15:31, Josh Cain <span dir="ltr"><<a href="mailto:josh.cain@redhat.com" target="_blank">josh.cain@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div>Hi All,<br><br></div>We want to use Keycloak as the IDP/Token issuer for authentication with a docker registry as per the specification found here:<br><br><a href="https://docs.docker.com/registry/spec/auth/" target="_blank">https://docs.docker.com/<wbr>registry/spec/auth/</a> <br><br></div>I've implemented a Protocol Mapper in Keycloak that successfully uses the IDP to perform a login against a registry/docker client. Is this something that the team is interested in building into the product? If so, I'd be happy to push back upstream.<span class="HOEnZb"><font color="#888888"><br><div><div><div><br clear="all"><div><div data-smartmail="gmail_signature"><div dir="ltr"><span><div><div>Josh Cain | Software Applications Engineer<br></div><i>Identity and Access Management</i><br></div><b>Red Hat</b><br><a href="tel:%2B1%20843-737-1735" value="+18437371735" target="_blank">+1 843-737-1735</a><br></span></div></div></div>
</div></div></div></font></span></div>
<br>______________________________<wbr>_________________<br>
keycloak-dev mailing list<br>
<a href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-dev" rel="noreferrer" target="_blank">https://lists.jboss.org/<wbr>mailman/listinfo/keycloak-dev</a><br></blockquote></div><br></div>