[keycloak-user] When using an IdentityBroker
Ed Hillmann
ed.hillmann at gmail.com
Mon Jul 20 01:15:43 EDT 2015
Hi, I'm going through the most recent doco, and I'm looking at the
IdentityBroker
<http://keycloak.github.io/docs/userguide/html/identity-broker.html>
section. So, having gone through the walkthrough, can someone tell me if
I'm on the right track.
So, step #8 states that "Keycloak is going to check if the response from
the identity provider is valid. If valid, it will create an user or just
skip that if the user already exists".
Does that mean that KeyCloak will have a User, against which roles can be
mapped? This will be a user that would be, for example, displayed in the
admin console just like any locally-defined User?
I'm trying to piece this all together, from where we can start assigning
roles to these users whose authentication has been performed by an external
IdentityProvider.
Following on from that, the user would continue to authenticate against the
Identity Provider? If they already exist, that's mentioned later on it the
same text where the accounts are linked?
If I've got this wrong, please let me know. :)
Thanks for any help,
Ed
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20150720/efe0329a/attachment.html
More information about the keycloak-user
mailing list