[keycloak-user] External Registration Flow
Schneider, Tom
tschneider at connecture.com
Tue Apr 7 11:52:14 EDT 2015
That is close, but not quite the flow we're trying to implement. This would be the flow we are attempting to implement:
1. Visit app
2. Click on registration link within app
3. Fill out registration info
4. App calls keycloak webservices to create user and set password
5. Redirect to keycloak
6. ??? (Currently SAML Login)
7. Redirect back to app
Ideally I would think there would be a way for the app to request some kind of token that can be sent back to keycloak to allow the user to be logged in with having the end user login explicitly. However, I haven't found anything that would do something like this yet.
-----Original Message-----
From: keycloak-user-bounces at lists.jboss.org [mailto:keycloak-user-bounces at lists.jboss.org] On Behalf Of Bill Burke
Sent: Tuesday, April 07, 2015 10:31 AM
To: keycloak-user at lists.jboss.org
Subject: Re: [keycloak-user] External Registration Flow
To have the seemless integration you want, Keycloak would need some kind of remote registration protocol so that registration could be delegated to another app. We don't have this ability yet. This is because you want this flow, right?:
1. Visit app
2. Redirected to Keycloak login
3. Click on registration link on page
4. Redirect to External registration app 5. Register 6. Redirect back to keycloak 7. Import user 8. Redirect back to app
On 4/7/2015 10:17 AM, Schneider, Tom wrote:
> I have an existing application that I'm looking to integrate with
> keycloak. One of the flows we're working on is a user
> self-registration flow. In this flow, a user will enter registration
> information, then the user will be provisioned within the local app
> and then we use web service calls to create the user in keycloak.
> After the user is provisioned, then we do a SAML post to keycloak, the
> user logs in and then they are redirected back to our app.
>
> This is all working fine, however, the user must enter their username
> and password twice, once on the registration screen and once to log
> into keycloak to establish an SSO session. We'd like to avoid using
> the keycloak registration screens since we collect additional business
> data on our registration screen that our app needs. Are there any
> suggestions on how to avoid this double login?
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list